mirror of
				https://github.com/k3s-io/kubernetes.git
				synced 2025-10-26 02:45:19 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			8324 lines
		
	
	
		
			294 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			8324 lines
		
	
	
		
			294 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
 | |
| 
 | |
| package kms
 | |
| 
 | |
| import (
 | |
| 	"fmt"
 | |
| 	"time"
 | |
| 
 | |
| 	"github.com/aws/aws-sdk-go/aws"
 | |
| 	"github.com/aws/aws-sdk-go/aws/awsutil"
 | |
| 	"github.com/aws/aws-sdk-go/aws/request"
 | |
| 	"github.com/aws/aws-sdk-go/private/protocol"
 | |
| 	"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
 | |
| )
 | |
| 
 | |
| const opCancelKeyDeletion = "CancelKeyDeletion"
 | |
| 
 | |
| // CancelKeyDeletionRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the CancelKeyDeletion operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See CancelKeyDeletion for more information on using the CancelKeyDeletion
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the CancelKeyDeletionRequest method.
 | |
| //    req, resp := client.CancelKeyDeletionRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CancelKeyDeletion
 | |
| func (c *KMS) CancelKeyDeletionRequest(input *CancelKeyDeletionInput) (req *request.Request, output *CancelKeyDeletionOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opCancelKeyDeletion,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &CancelKeyDeletionInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &CancelKeyDeletionOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // CancelKeyDeletion API operation for AWS Key Management Service.
 | |
| //
 | |
| // Cancels the deletion of a customer master key (CMK). When this operation
 | |
| // is successful, the CMK is set to the Disabled state. To enable a CMK, use
 | |
| // EnableKey. You cannot perform this operation on a CMK in a different AWS
 | |
| // account.
 | |
| //
 | |
| // For more information about scheduling and canceling deletion of a CMK, see
 | |
| // Deleting Customer Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation CancelKeyDeletion for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CancelKeyDeletion
 | |
| func (c *KMS) CancelKeyDeletion(input *CancelKeyDeletionInput) (*CancelKeyDeletionOutput, error) {
 | |
| 	req, out := c.CancelKeyDeletionRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // CancelKeyDeletionWithContext is the same as CancelKeyDeletion with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See CancelKeyDeletion for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) CancelKeyDeletionWithContext(ctx aws.Context, input *CancelKeyDeletionInput, opts ...request.Option) (*CancelKeyDeletionOutput, error) {
 | |
| 	req, out := c.CancelKeyDeletionRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opCreateAlias = "CreateAlias"
 | |
| 
 | |
| // CreateAliasRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the CreateAlias operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See CreateAlias for more information on using the CreateAlias
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the CreateAliasRequest method.
 | |
| //    req, resp := client.CreateAliasRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateAlias
 | |
| func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, output *CreateAliasOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opCreateAlias,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &CreateAliasInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &CreateAliasOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // CreateAlias API operation for AWS Key Management Service.
 | |
| //
 | |
| // Creates a display name for a customer master key (CMK). You can use an alias
 | |
| // to identify a CMK in selected operations, such as Encrypt and GenerateDataKey.
 | |
| //
 | |
| // Each CMK can have multiple aliases, but each alias points to only one CMK.
 | |
| // The alias name must be unique in the AWS account and region. To simplify
 | |
| // code that runs in multiple regions, use the same alias name, but point it
 | |
| // to a different CMK in each region.
 | |
| //
 | |
| // Because an alias is not a property of a CMK, you can delete and change the
 | |
| // aliases of a CMK without affecting the CMK. Also, aliases do not appear in
 | |
| // the response from the DescribeKey operation. To get the aliases of all CMKs,
 | |
| // use the ListAliases operation.
 | |
| //
 | |
| // An alias must start with the word alias followed by a forward slash (alias/).
 | |
| // The alias name can contain only alphanumeric characters, forward slashes
 | |
| // (/), underscores (_), and dashes (-). Alias names cannot begin with aws;
 | |
| // that alias name prefix is reserved by Amazon Web Services (AWS).
 | |
| //
 | |
| // The alias and the CMK it is mapped to must be in the same AWS account and
 | |
| // the same region. You cannot perform this operation on an alias in a different
 | |
| // AWS account.
 | |
| //
 | |
| // To map an existing alias to a different CMK, call UpdateAlias.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation CreateAlias for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeAlreadyExistsException "AlreadyExistsException"
 | |
| //   The request was rejected because it attempted to create a resource that already
 | |
| //   exists.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidAliasNameException "InvalidAliasNameException"
 | |
| //   The request was rejected because the specified alias name is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeLimitExceededException "LimitExceededException"
 | |
| //   The request was rejected because a limit was exceeded. For more information,
 | |
| //   see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateAlias
 | |
| func (c *KMS) CreateAlias(input *CreateAliasInput) (*CreateAliasOutput, error) {
 | |
| 	req, out := c.CreateAliasRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // CreateAliasWithContext is the same as CreateAlias with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See CreateAlias for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) CreateAliasWithContext(ctx aws.Context, input *CreateAliasInput, opts ...request.Option) (*CreateAliasOutput, error) {
 | |
| 	req, out := c.CreateAliasRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opCreateGrant = "CreateGrant"
 | |
| 
 | |
| // CreateGrantRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the CreateGrant operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See CreateGrant for more information on using the CreateGrant
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the CreateGrantRequest method.
 | |
| //    req, resp := client.CreateGrantRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateGrant
 | |
| func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request, output *CreateGrantOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opCreateGrant,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &CreateGrantInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &CreateGrantOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // CreateGrant API operation for AWS Key Management Service.
 | |
| //
 | |
| // Adds a grant to a customer master key (CMK). The grant specifies who can
 | |
| // use the CMK and under what conditions. When setting permissions, grants are
 | |
| // an alternative to key policies.
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN in the value of the KeyId parameter. For more information about grants,
 | |
| // see Grants (http://docs.aws.amazon.com/kms/latest/developerguide/grants.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation CreateGrant for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeLimitExceededException "LimitExceededException"
 | |
| //   The request was rejected because a limit was exceeded. For more information,
 | |
| //   see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateGrant
 | |
| func (c *KMS) CreateGrant(input *CreateGrantInput) (*CreateGrantOutput, error) {
 | |
| 	req, out := c.CreateGrantRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // CreateGrantWithContext is the same as CreateGrant with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See CreateGrant for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) CreateGrantWithContext(ctx aws.Context, input *CreateGrantInput, opts ...request.Option) (*CreateGrantOutput, error) {
 | |
| 	req, out := c.CreateGrantRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opCreateKey = "CreateKey"
 | |
| 
 | |
| // CreateKeyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the CreateKey operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See CreateKey for more information on using the CreateKey
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the CreateKeyRequest method.
 | |
| //    req, resp := client.CreateKeyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateKey
 | |
| func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, output *CreateKeyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opCreateKey,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &CreateKeyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &CreateKeyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // CreateKey API operation for AWS Key Management Service.
 | |
| //
 | |
| // Creates a customer master key (CMK) in the caller's AWS account.
 | |
| //
 | |
| // You can use a CMK to encrypt small amounts of data (4 KiB or less) directly,
 | |
| // but CMKs are more commonly used to encrypt data encryption keys (DEKs), which
 | |
| // are used to encrypt raw data. For more information about DEKs and the difference
 | |
| // between CMKs and DEKs, see the following:
 | |
| //
 | |
| //    * The GenerateDataKey operation
 | |
| //
 | |
| //    * AWS Key Management Service Concepts (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html)
 | |
| //    in the AWS Key Management Service Developer Guide
 | |
| //
 | |
| // You cannot use this operation to create a CMK in a different AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation CreateKey for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException"
 | |
| //   The request was rejected because the specified policy is not syntactically
 | |
| //   or semantically correct.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeLimitExceededException "LimitExceededException"
 | |
| //   The request was rejected because a limit was exceeded. For more information,
 | |
| //   see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeTagException "TagException"
 | |
| //   The request was rejected because one or more tags are not valid.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateKey
 | |
| func (c *KMS) CreateKey(input *CreateKeyInput) (*CreateKeyOutput, error) {
 | |
| 	req, out := c.CreateKeyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // CreateKeyWithContext is the same as CreateKey with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See CreateKey for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) CreateKeyWithContext(ctx aws.Context, input *CreateKeyInput, opts ...request.Option) (*CreateKeyOutput, error) {
 | |
| 	req, out := c.CreateKeyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opDecrypt = "Decrypt"
 | |
| 
 | |
| // DecryptRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the Decrypt operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See Decrypt for more information on using the Decrypt
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the DecryptRequest method.
 | |
| //    req, resp := client.DecryptRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Decrypt
 | |
| func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output *DecryptOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opDecrypt,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &DecryptInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &DecryptOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // Decrypt API operation for AWS Key Management Service.
 | |
| //
 | |
| // Decrypts ciphertext. Ciphertext is plaintext that has been previously encrypted
 | |
| // by using any of the following operations:
 | |
| //
 | |
| //    * GenerateDataKey
 | |
| //
 | |
| //    * GenerateDataKeyWithoutPlaintext
 | |
| //
 | |
| //    * Encrypt
 | |
| //
 | |
| // Note that if a caller has been granted access permissions to all keys (through,
 | |
| // for example, IAM user policies that grant Decrypt permission on all resources),
 | |
| // then ciphertext encrypted by using keys in other accounts where the key grants
 | |
| // access to the caller can be decrypted. To remedy this, we recommend that
 | |
| // you do not grant Decrypt access in an IAM user policy. Instead grant Decrypt
 | |
| // access only in key policies. If you must grant Decrypt access in an IAM user
 | |
| // policy, you should scope the resource to specific keys or to specific trusted
 | |
| // accounts.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation Decrypt for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeInvalidCiphertextException "InvalidCiphertextException"
 | |
| //   The request was rejected because the specified ciphertext, or additional
 | |
| //   authenticated data incorporated into the ciphertext, such as the encryption
 | |
| //   context, is corrupted, missing, or otherwise invalid.
 | |
| //
 | |
| //   * ErrCodeKeyUnavailableException "KeyUnavailableException"
 | |
| //   The request was rejected because the specified CMK was not available. The
 | |
| //   request can be retried.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Decrypt
 | |
| func (c *KMS) Decrypt(input *DecryptInput) (*DecryptOutput, error) {
 | |
| 	req, out := c.DecryptRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // DecryptWithContext is the same as Decrypt with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See Decrypt for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) DecryptWithContext(ctx aws.Context, input *DecryptInput, opts ...request.Option) (*DecryptOutput, error) {
 | |
| 	req, out := c.DecryptRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opDeleteAlias = "DeleteAlias"
 | |
| 
 | |
| // DeleteAliasRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the DeleteAlias operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See DeleteAlias for more information on using the DeleteAlias
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the DeleteAliasRequest method.
 | |
| //    req, resp := client.DeleteAliasRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DeleteAlias
 | |
| func (c *KMS) DeleteAliasRequest(input *DeleteAliasInput) (req *request.Request, output *DeleteAliasOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opDeleteAlias,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &DeleteAliasInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &DeleteAliasOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // DeleteAlias API operation for AWS Key Management Service.
 | |
| //
 | |
| // Deletes the specified alias. You cannot perform this operation on an alias
 | |
| // in a different AWS account.
 | |
| //
 | |
| // Because an alias is not a property of a CMK, you can delete and change the
 | |
| // aliases of a CMK without affecting the CMK. Also, aliases do not appear in
 | |
| // the response from the DescribeKey operation. To get the aliases of all CMKs,
 | |
| // use the ListAliases operation.
 | |
| //
 | |
| // Each CMK can have multiple aliases. To change the alias of a CMK, use DeleteAlias
 | |
| // to delete the current alias and CreateAlias to create a new alias. To associate
 | |
| // an existing alias with a different customer master key (CMK), call UpdateAlias.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation DeleteAlias for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DeleteAlias
 | |
| func (c *KMS) DeleteAlias(input *DeleteAliasInput) (*DeleteAliasOutput, error) {
 | |
| 	req, out := c.DeleteAliasRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // DeleteAliasWithContext is the same as DeleteAlias with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See DeleteAlias for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) DeleteAliasWithContext(ctx aws.Context, input *DeleteAliasInput, opts ...request.Option) (*DeleteAliasOutput, error) {
 | |
| 	req, out := c.DeleteAliasRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opDeleteImportedKeyMaterial = "DeleteImportedKeyMaterial"
 | |
| 
 | |
| // DeleteImportedKeyMaterialRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the DeleteImportedKeyMaterial operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See DeleteImportedKeyMaterial for more information on using the DeleteImportedKeyMaterial
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the DeleteImportedKeyMaterialRequest method.
 | |
| //    req, resp := client.DeleteImportedKeyMaterialRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DeleteImportedKeyMaterial
 | |
| func (c *KMS) DeleteImportedKeyMaterialRequest(input *DeleteImportedKeyMaterialInput) (req *request.Request, output *DeleteImportedKeyMaterialOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opDeleteImportedKeyMaterial,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &DeleteImportedKeyMaterialInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &DeleteImportedKeyMaterialOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // DeleteImportedKeyMaterial API operation for AWS Key Management Service.
 | |
| //
 | |
| // Deletes key material that you previously imported. This operation makes the
 | |
| // specified customer master key (CMK) unusable. For more information about
 | |
| // importing key material into AWS KMS, see Importing Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
 | |
| // in the AWS Key Management Service Developer Guide. You cannot perform this
 | |
| // operation on a CMK in a different AWS account.
 | |
| //
 | |
| // When the specified CMK is in the PendingDeletion state, this operation does
 | |
| // not change the CMK's state. Otherwise, it changes the CMK's state to PendingImport.
 | |
| //
 | |
| // After you delete key material, you can use ImportKeyMaterial to reimport
 | |
| // the same key material into the CMK.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation DeleteImportedKeyMaterial for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DeleteImportedKeyMaterial
 | |
| func (c *KMS) DeleteImportedKeyMaterial(input *DeleteImportedKeyMaterialInput) (*DeleteImportedKeyMaterialOutput, error) {
 | |
| 	req, out := c.DeleteImportedKeyMaterialRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // DeleteImportedKeyMaterialWithContext is the same as DeleteImportedKeyMaterial with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See DeleteImportedKeyMaterial for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) DeleteImportedKeyMaterialWithContext(ctx aws.Context, input *DeleteImportedKeyMaterialInput, opts ...request.Option) (*DeleteImportedKeyMaterialOutput, error) {
 | |
| 	req, out := c.DeleteImportedKeyMaterialRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opDescribeKey = "DescribeKey"
 | |
| 
 | |
| // DescribeKeyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the DescribeKey operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See DescribeKey for more information on using the DescribeKey
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the DescribeKeyRequest method.
 | |
| //    req, resp := client.DescribeKeyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DescribeKey
 | |
| func (c *KMS) DescribeKeyRequest(input *DescribeKeyInput) (req *request.Request, output *DescribeKeyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opDescribeKey,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &DescribeKeyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &DescribeKeyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // DescribeKey API operation for AWS Key Management Service.
 | |
| //
 | |
| // Provides detailed information about the specified customer master key (CMK).
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN or alias ARN in the value of the KeyId parameter.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation DescribeKey for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DescribeKey
 | |
| func (c *KMS) DescribeKey(input *DescribeKeyInput) (*DescribeKeyOutput, error) {
 | |
| 	req, out := c.DescribeKeyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // DescribeKeyWithContext is the same as DescribeKey with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See DescribeKey for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) DescribeKeyWithContext(ctx aws.Context, input *DescribeKeyInput, opts ...request.Option) (*DescribeKeyOutput, error) {
 | |
| 	req, out := c.DescribeKeyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opDisableKey = "DisableKey"
 | |
| 
 | |
| // DisableKeyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the DisableKey operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See DisableKey for more information on using the DisableKey
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the DisableKeyRequest method.
 | |
| //    req, resp := client.DisableKeyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DisableKey
 | |
| func (c *KMS) DisableKeyRequest(input *DisableKeyInput) (req *request.Request, output *DisableKeyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opDisableKey,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &DisableKeyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &DisableKeyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // DisableKey API operation for AWS Key Management Service.
 | |
| //
 | |
| // Sets the state of a customer master key (CMK) to disabled, thereby preventing
 | |
| // its use for cryptographic operations. You cannot perform this operation on
 | |
| // a CMK in a different AWS account.
 | |
| //
 | |
| // For more information about how key state affects the use of a CMK, see How
 | |
| // Key State Affects the Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation DisableKey for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DisableKey
 | |
| func (c *KMS) DisableKey(input *DisableKeyInput) (*DisableKeyOutput, error) {
 | |
| 	req, out := c.DisableKeyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // DisableKeyWithContext is the same as DisableKey with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See DisableKey for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) DisableKeyWithContext(ctx aws.Context, input *DisableKeyInput, opts ...request.Option) (*DisableKeyOutput, error) {
 | |
| 	req, out := c.DisableKeyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opDisableKeyRotation = "DisableKeyRotation"
 | |
| 
 | |
| // DisableKeyRotationRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the DisableKeyRotation operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See DisableKeyRotation for more information on using the DisableKeyRotation
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the DisableKeyRotationRequest method.
 | |
| //    req, resp := client.DisableKeyRotationRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DisableKeyRotation
 | |
| func (c *KMS) DisableKeyRotationRequest(input *DisableKeyRotationInput) (req *request.Request, output *DisableKeyRotationOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opDisableKeyRotation,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &DisableKeyRotationInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &DisableKeyRotationOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // DisableKeyRotation API operation for AWS Key Management Service.
 | |
| //
 | |
| // Disables automatic rotation of the key material for the specified customer
 | |
| // master key (CMK). You cannot perform this operation on a CMK in a different
 | |
| // AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation DisableKeyRotation for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DisableKeyRotation
 | |
| func (c *KMS) DisableKeyRotation(input *DisableKeyRotationInput) (*DisableKeyRotationOutput, error) {
 | |
| 	req, out := c.DisableKeyRotationRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // DisableKeyRotationWithContext is the same as DisableKeyRotation with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See DisableKeyRotation for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) DisableKeyRotationWithContext(ctx aws.Context, input *DisableKeyRotationInput, opts ...request.Option) (*DisableKeyRotationOutput, error) {
 | |
| 	req, out := c.DisableKeyRotationRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opEnableKey = "EnableKey"
 | |
| 
 | |
| // EnableKeyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the EnableKey operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See EnableKey for more information on using the EnableKey
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the EnableKeyRequest method.
 | |
| //    req, resp := client.EnableKeyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKey
 | |
| func (c *KMS) EnableKeyRequest(input *EnableKeyInput) (req *request.Request, output *EnableKeyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opEnableKey,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &EnableKeyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &EnableKeyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // EnableKey API operation for AWS Key Management Service.
 | |
| //
 | |
| // Sets the state of a customer master key (CMK) to enabled, thereby permitting
 | |
| // its use for cryptographic operations. You cannot perform this operation on
 | |
| // a CMK in a different AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation EnableKey for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeLimitExceededException "LimitExceededException"
 | |
| //   The request was rejected because a limit was exceeded. For more information,
 | |
| //   see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKey
 | |
| func (c *KMS) EnableKey(input *EnableKeyInput) (*EnableKeyOutput, error) {
 | |
| 	req, out := c.EnableKeyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // EnableKeyWithContext is the same as EnableKey with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See EnableKey for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) EnableKeyWithContext(ctx aws.Context, input *EnableKeyInput, opts ...request.Option) (*EnableKeyOutput, error) {
 | |
| 	req, out := c.EnableKeyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opEnableKeyRotation = "EnableKeyRotation"
 | |
| 
 | |
| // EnableKeyRotationRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the EnableKeyRotation operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See EnableKeyRotation for more information on using the EnableKeyRotation
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the EnableKeyRotationRequest method.
 | |
| //    req, resp := client.EnableKeyRotationRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKeyRotation
 | |
| func (c *KMS) EnableKeyRotationRequest(input *EnableKeyRotationInput) (req *request.Request, output *EnableKeyRotationOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opEnableKeyRotation,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &EnableKeyRotationInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &EnableKeyRotationOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // EnableKeyRotation API operation for AWS Key Management Service.
 | |
| //
 | |
| // Enables automatic rotation of the key material for the specified customer
 | |
| // master key (CMK). You cannot perform this operation on a CMK in a different
 | |
| // AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation EnableKeyRotation for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKeyRotation
 | |
| func (c *KMS) EnableKeyRotation(input *EnableKeyRotationInput) (*EnableKeyRotationOutput, error) {
 | |
| 	req, out := c.EnableKeyRotationRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // EnableKeyRotationWithContext is the same as EnableKeyRotation with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See EnableKeyRotation for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) EnableKeyRotationWithContext(ctx aws.Context, input *EnableKeyRotationInput, opts ...request.Option) (*EnableKeyRotationOutput, error) {
 | |
| 	req, out := c.EnableKeyRotationRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opEncrypt = "Encrypt"
 | |
| 
 | |
| // EncryptRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the Encrypt operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See Encrypt for more information on using the Encrypt
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the EncryptRequest method.
 | |
| //    req, resp := client.EncryptRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Encrypt
 | |
| func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output *EncryptOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opEncrypt,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &EncryptInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &EncryptOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // Encrypt API operation for AWS Key Management Service.
 | |
| //
 | |
| // Encrypts plaintext into ciphertext by using a customer master key (CMK).
 | |
| // The Encrypt operation has two primary use cases:
 | |
| //
 | |
| //    * You can encrypt up to 4 kilobytes (4096 bytes) of arbitrary data such
 | |
| //    as an RSA key, a database password, or other sensitive information.
 | |
| //
 | |
| //    * To move encrypted data from one AWS region to another, you can use this
 | |
| //    operation to encrypt in the new region the plaintext data key that was
 | |
| //    used to encrypt the data in the original region. This provides you with
 | |
| //    an encrypted copy of the data key that can be decrypted in the new region
 | |
| //    and used there to decrypt the encrypted data.
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN or alias ARN in the value of the KeyId parameter.
 | |
| //
 | |
| // Unless you are moving encrypted data from one region to another, you don't
 | |
| // use this operation to encrypt a generated data key within a region. To get
 | |
| // data keys that are already encrypted, call the GenerateDataKey or GenerateDataKeyWithoutPlaintext
 | |
| // operation. Data keys don't need to be encrypted again by calling Encrypt.
 | |
| //
 | |
| // To encrypt data locally in your application, use the GenerateDataKey operation
 | |
| // to return a plaintext data encryption key and a copy of the key encrypted
 | |
| // under the CMK of your choosing.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation Encrypt for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeKeyUnavailableException "KeyUnavailableException"
 | |
| //   The request was rejected because the specified CMK was not available. The
 | |
| //   request can be retried.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException"
 | |
| //   The request was rejected because the specified KeySpec value is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Encrypt
 | |
| func (c *KMS) Encrypt(input *EncryptInput) (*EncryptOutput, error) {
 | |
| 	req, out := c.EncryptRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // EncryptWithContext is the same as Encrypt with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See Encrypt for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) EncryptWithContext(ctx aws.Context, input *EncryptInput, opts ...request.Option) (*EncryptOutput, error) {
 | |
| 	req, out := c.EncryptRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opGenerateDataKey = "GenerateDataKey"
 | |
| 
 | |
| // GenerateDataKeyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the GenerateDataKey operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See GenerateDataKey for more information on using the GenerateDataKey
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the GenerateDataKeyRequest method.
 | |
| //    req, resp := client.GenerateDataKeyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKey
 | |
| func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request.Request, output *GenerateDataKeyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opGenerateDataKey,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &GenerateDataKeyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &GenerateDataKeyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // GenerateDataKey API operation for AWS Key Management Service.
 | |
| //
 | |
| // Returns a data encryption key that you can use in your application to encrypt
 | |
| // data locally.
 | |
| //
 | |
| // You must specify the customer master key (CMK) under which to generate the
 | |
| // data key. You must also specify the length of the data key using either the
 | |
| // KeySpec or NumberOfBytes field. You must specify one field or the other,
 | |
| // but not both. For common key lengths (128-bit and 256-bit symmetric keys),
 | |
| // we recommend that you use KeySpec. To perform this operation on a CMK in
 | |
| // a different AWS account, specify the key ARN or alias ARN in the value of
 | |
| // the KeyId parameter.
 | |
| //
 | |
| // This operation returns a plaintext copy of the data key in the Plaintext
 | |
| // field of the response, and an encrypted copy of the data key in the CiphertextBlob
 | |
| // field. The data key is encrypted under the CMK specified in the KeyId field
 | |
| // of the request.
 | |
| //
 | |
| // We recommend that you use the following pattern to encrypt data locally in
 | |
| // your application:
 | |
| //
 | |
| // Use this operation (GenerateDataKey) to get a data encryption key.
 | |
| //
 | |
| // Use the plaintext data encryption key (returned in the Plaintext field of
 | |
| // the response) to encrypt data locally, then erase the plaintext data key
 | |
| // from memory.
 | |
| //
 | |
| // Store the encrypted data key (returned in the CiphertextBlob field of the
 | |
| // response) alongside the locally encrypted data.
 | |
| //
 | |
| // To decrypt data locally:
 | |
| //
 | |
| // Use the Decrypt operation to decrypt the encrypted data key into a plaintext
 | |
| // copy of the data key.
 | |
| //
 | |
| // Use the plaintext data key to decrypt data locally, then erase the plaintext
 | |
| // data key from memory.
 | |
| //
 | |
| // To return only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext.
 | |
| // To return a random byte string that is cryptographically secure, use GenerateRandom.
 | |
| //
 | |
| // If you use the optional EncryptionContext field, you must store at least
 | |
| // enough information to be able to reconstruct the full encryption context
 | |
| // when you later send the ciphertext to the Decrypt operation. It is a good
 | |
| // practice to choose an encryption context that you can reconstruct on the
 | |
| // fly to better secure the ciphertext. For more information, see Encryption
 | |
| // Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation GenerateDataKey for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeKeyUnavailableException "KeyUnavailableException"
 | |
| //   The request was rejected because the specified CMK was not available. The
 | |
| //   request can be retried.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException"
 | |
| //   The request was rejected because the specified KeySpec value is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKey
 | |
| func (c *KMS) GenerateDataKey(input *GenerateDataKeyInput) (*GenerateDataKeyOutput, error) {
 | |
| 	req, out := c.GenerateDataKeyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // GenerateDataKeyWithContext is the same as GenerateDataKey with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See GenerateDataKey for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) GenerateDataKeyWithContext(ctx aws.Context, input *GenerateDataKeyInput, opts ...request.Option) (*GenerateDataKeyOutput, error) {
 | |
| 	req, out := c.GenerateDataKeyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opGenerateDataKeyWithoutPlaintext = "GenerateDataKeyWithoutPlaintext"
 | |
| 
 | |
| // GenerateDataKeyWithoutPlaintextRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the GenerateDataKeyWithoutPlaintext operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See GenerateDataKeyWithoutPlaintext for more information on using the GenerateDataKeyWithoutPlaintext
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the GenerateDataKeyWithoutPlaintextRequest method.
 | |
| //    req, resp := client.GenerateDataKeyWithoutPlaintextRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyWithoutPlaintext
 | |
| func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWithoutPlaintextInput) (req *request.Request, output *GenerateDataKeyWithoutPlaintextOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opGenerateDataKeyWithoutPlaintext,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &GenerateDataKeyWithoutPlaintextInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &GenerateDataKeyWithoutPlaintextOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // GenerateDataKeyWithoutPlaintext API operation for AWS Key Management Service.
 | |
| //
 | |
| // Returns a data encryption key encrypted under a customer master key (CMK).
 | |
| // This operation is identical to GenerateDataKey but returns only the encrypted
 | |
| // copy of the data key.
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN or alias ARN in the value of the KeyId parameter.
 | |
| //
 | |
| // This operation is useful in a system that has multiple components with different
 | |
| // degrees of trust. For example, consider a system that stores encrypted data
 | |
| // in containers. Each container stores the encrypted data and an encrypted
 | |
| // copy of the data key. One component of the system, called the control plane,
 | |
| // creates new containers. When it creates a new container, it uses this operation
 | |
| // (GenerateDataKeyWithoutPlaintext) to get an encrypted data key and then stores
 | |
| // it in the container. Later, a different component of the system, called the
 | |
| // data plane, puts encrypted data into the containers. To do this, it passes
 | |
| // the encrypted data key to the Decrypt operation, then uses the returned plaintext
 | |
| // data key to encrypt data, and finally stores the encrypted data in the container.
 | |
| // In this system, the control plane never sees the plaintext data key.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation GenerateDataKeyWithoutPlaintext for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeKeyUnavailableException "KeyUnavailableException"
 | |
| //   The request was rejected because the specified CMK was not available. The
 | |
| //   request can be retried.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException"
 | |
| //   The request was rejected because the specified KeySpec value is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyWithoutPlaintext
 | |
| func (c *KMS) GenerateDataKeyWithoutPlaintext(input *GenerateDataKeyWithoutPlaintextInput) (*GenerateDataKeyWithoutPlaintextOutput, error) {
 | |
| 	req, out := c.GenerateDataKeyWithoutPlaintextRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // GenerateDataKeyWithoutPlaintextWithContext is the same as GenerateDataKeyWithoutPlaintext with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See GenerateDataKeyWithoutPlaintext for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) GenerateDataKeyWithoutPlaintextWithContext(ctx aws.Context, input *GenerateDataKeyWithoutPlaintextInput, opts ...request.Option) (*GenerateDataKeyWithoutPlaintextOutput, error) {
 | |
| 	req, out := c.GenerateDataKeyWithoutPlaintextRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opGenerateRandom = "GenerateRandom"
 | |
| 
 | |
| // GenerateRandomRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the GenerateRandom operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See GenerateRandom for more information on using the GenerateRandom
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the GenerateRandomRequest method.
 | |
| //    req, resp := client.GenerateRandomRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateRandom
 | |
| func (c *KMS) GenerateRandomRequest(input *GenerateRandomInput) (req *request.Request, output *GenerateRandomOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opGenerateRandom,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &GenerateRandomInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &GenerateRandomOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // GenerateRandom API operation for AWS Key Management Service.
 | |
| //
 | |
| // Returns a random byte string that is cryptographically secure.
 | |
| //
 | |
| // For more information about entropy and random number generation, see the
 | |
| // AWS Key Management Service Cryptographic Details (https://d0.awsstatic.com/whitepapers/KMS-Cryptographic-Details.pdf)
 | |
| // whitepaper.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation GenerateRandom for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateRandom
 | |
| func (c *KMS) GenerateRandom(input *GenerateRandomInput) (*GenerateRandomOutput, error) {
 | |
| 	req, out := c.GenerateRandomRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // GenerateRandomWithContext is the same as GenerateRandom with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See GenerateRandom for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) GenerateRandomWithContext(ctx aws.Context, input *GenerateRandomInput, opts ...request.Option) (*GenerateRandomOutput, error) {
 | |
| 	req, out := c.GenerateRandomRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opGetKeyPolicy = "GetKeyPolicy"
 | |
| 
 | |
| // GetKeyPolicyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the GetKeyPolicy operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See GetKeyPolicy for more information on using the GetKeyPolicy
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the GetKeyPolicyRequest method.
 | |
| //    req, resp := client.GetKeyPolicyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicy
 | |
| func (c *KMS) GetKeyPolicyRequest(input *GetKeyPolicyInput) (req *request.Request, output *GetKeyPolicyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opGetKeyPolicy,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &GetKeyPolicyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &GetKeyPolicyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // GetKeyPolicy API operation for AWS Key Management Service.
 | |
| //
 | |
| // Gets a key policy attached to the specified customer master key (CMK). You
 | |
| // cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation GetKeyPolicy for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicy
 | |
| func (c *KMS) GetKeyPolicy(input *GetKeyPolicyInput) (*GetKeyPolicyOutput, error) {
 | |
| 	req, out := c.GetKeyPolicyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // GetKeyPolicyWithContext is the same as GetKeyPolicy with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See GetKeyPolicy for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) GetKeyPolicyWithContext(ctx aws.Context, input *GetKeyPolicyInput, opts ...request.Option) (*GetKeyPolicyOutput, error) {
 | |
| 	req, out := c.GetKeyPolicyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opGetKeyRotationStatus = "GetKeyRotationStatus"
 | |
| 
 | |
| // GetKeyRotationStatusRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the GetKeyRotationStatus operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See GetKeyRotationStatus for more information on using the GetKeyRotationStatus
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the GetKeyRotationStatusRequest method.
 | |
| //    req, resp := client.GetKeyRotationStatusRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyRotationStatus
 | |
| func (c *KMS) GetKeyRotationStatusRequest(input *GetKeyRotationStatusInput) (req *request.Request, output *GetKeyRotationStatusOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opGetKeyRotationStatus,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &GetKeyRotationStatusInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &GetKeyRotationStatusOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // GetKeyRotationStatus API operation for AWS Key Management Service.
 | |
| //
 | |
| // Gets a Boolean value that indicates whether automatic rotation of the key
 | |
| // material is enabled for the specified customer master key (CMK).
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN in the value of the KeyId parameter.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation GetKeyRotationStatus for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyRotationStatus
 | |
| func (c *KMS) GetKeyRotationStatus(input *GetKeyRotationStatusInput) (*GetKeyRotationStatusOutput, error) {
 | |
| 	req, out := c.GetKeyRotationStatusRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // GetKeyRotationStatusWithContext is the same as GetKeyRotationStatus with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See GetKeyRotationStatus for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) GetKeyRotationStatusWithContext(ctx aws.Context, input *GetKeyRotationStatusInput, opts ...request.Option) (*GetKeyRotationStatusOutput, error) {
 | |
| 	req, out := c.GetKeyRotationStatusRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opGetParametersForImport = "GetParametersForImport"
 | |
| 
 | |
| // GetParametersForImportRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the GetParametersForImport operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See GetParametersForImport for more information on using the GetParametersForImport
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the GetParametersForImportRequest method.
 | |
| //    req, resp := client.GetParametersForImportRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetParametersForImport
 | |
| func (c *KMS) GetParametersForImportRequest(input *GetParametersForImportInput) (req *request.Request, output *GetParametersForImportOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opGetParametersForImport,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &GetParametersForImportInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &GetParametersForImportOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // GetParametersForImport API operation for AWS Key Management Service.
 | |
| //
 | |
| // Returns the items you need in order to import key material into AWS KMS from
 | |
| // your existing key management infrastructure. For more information about importing
 | |
| // key material into AWS KMS, see Importing Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // You must specify the key ID of the customer master key (CMK) into which you
 | |
| // will import key material. This CMK's Origin must be EXTERNAL. You must also
 | |
| // specify the wrapping algorithm and type of wrapping key (public key) that
 | |
| // you will use to encrypt the key material. You cannot perform this operation
 | |
| // on a CMK in a different AWS account.
 | |
| //
 | |
| // This operation returns a public key and an import token. Use the public key
 | |
| // to encrypt the key material. Store the import token to send with a subsequent
 | |
| // ImportKeyMaterial request. The public key and import token from the same
 | |
| // response must be used together. These items are valid for 24 hours. When
 | |
| // they expire, they cannot be used for a subsequent ImportKeyMaterial request.
 | |
| // To get new ones, send another GetParametersForImport request.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation GetParametersForImport for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetParametersForImport
 | |
| func (c *KMS) GetParametersForImport(input *GetParametersForImportInput) (*GetParametersForImportOutput, error) {
 | |
| 	req, out := c.GetParametersForImportRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // GetParametersForImportWithContext is the same as GetParametersForImport with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See GetParametersForImport for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) GetParametersForImportWithContext(ctx aws.Context, input *GetParametersForImportInput, opts ...request.Option) (*GetParametersForImportOutput, error) {
 | |
| 	req, out := c.GetParametersForImportRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opImportKeyMaterial = "ImportKeyMaterial"
 | |
| 
 | |
| // ImportKeyMaterialRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ImportKeyMaterial operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ImportKeyMaterial for more information on using the ImportKeyMaterial
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ImportKeyMaterialRequest method.
 | |
| //    req, resp := client.ImportKeyMaterialRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ImportKeyMaterial
 | |
| func (c *KMS) ImportKeyMaterialRequest(input *ImportKeyMaterialInput) (req *request.Request, output *ImportKeyMaterialOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opImportKeyMaterial,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ImportKeyMaterialInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ImportKeyMaterialOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ImportKeyMaterial API operation for AWS Key Management Service.
 | |
| //
 | |
| // Imports key material into an existing AWS KMS customer master key (CMK) that
 | |
| // was created without key material. You cannot perform this operation on a
 | |
| // CMK in a different AWS account. For more information about creating CMKs
 | |
| // with no key material and then importing key material, see Importing Key Material
 | |
| // (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Before using this operation, call GetParametersForImport. Its response includes
 | |
| // a public key and an import token. Use the public key to encrypt the key material.
 | |
| // Then, submit the import token from the same GetParametersForImport response.
 | |
| //
 | |
| // When calling this operation, you must specify the following values:
 | |
| //
 | |
| //    * The key ID or key ARN of a CMK with no key material. Its Origin must
 | |
| //    be EXTERNAL.
 | |
| //
 | |
| // To create a CMK with no key material, call CreateKey and set the value of
 | |
| //    its Origin parameter to EXTERNAL. To get the Origin of a CMK, call DescribeKey.)
 | |
| //
 | |
| //    * The encrypted key material. To get the public key to encrypt the key
 | |
| //    material, call GetParametersForImport.
 | |
| //
 | |
| //    * The import token that GetParametersForImport returned. This token and
 | |
| //    the public key used to encrypt the key material must have come from the
 | |
| //    same response.
 | |
| //
 | |
| //    * Whether the key material expires and if so, when. If you set an expiration
 | |
| //    date, you can change it only by reimporting the same key material and
 | |
| //    specifying a new expiration date. If the key material expires, AWS KMS
 | |
| //    deletes the key material and the CMK becomes unusable. To use the CMK
 | |
| //    again, you must reimport the same key material.
 | |
| //
 | |
| // When this operation is successful, the CMK's key state changes from PendingImport
 | |
| // to Enabled, and you can use the CMK. After you successfully import key material
 | |
| // into a CMK, you can reimport the same key material into that CMK, but you
 | |
| // cannot import different key material.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ImportKeyMaterial for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeInvalidCiphertextException "InvalidCiphertextException"
 | |
| //   The request was rejected because the specified ciphertext, or additional
 | |
| //   authenticated data incorporated into the ciphertext, such as the encryption
 | |
| //   context, is corrupted, missing, or otherwise invalid.
 | |
| //
 | |
| //   * ErrCodeIncorrectKeyMaterialException "IncorrectKeyMaterialException"
 | |
| //   The request was rejected because the provided key material is invalid or
 | |
| //   is not the same key material that was previously imported into this customer
 | |
| //   master key (CMK).
 | |
| //
 | |
| //   * ErrCodeExpiredImportTokenException "ExpiredImportTokenException"
 | |
| //   The request was rejected because the provided import token is expired. Use
 | |
| //   GetParametersForImport to get a new import token and public key, use the
 | |
| //   new public key to encrypt the key material, and then try the request again.
 | |
| //
 | |
| //   * ErrCodeInvalidImportTokenException "InvalidImportTokenException"
 | |
| //   The request was rejected because the provided import token is invalid or
 | |
| //   is associated with a different customer master key (CMK).
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ImportKeyMaterial
 | |
| func (c *KMS) ImportKeyMaterial(input *ImportKeyMaterialInput) (*ImportKeyMaterialOutput, error) {
 | |
| 	req, out := c.ImportKeyMaterialRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ImportKeyMaterialWithContext is the same as ImportKeyMaterial with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ImportKeyMaterial for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ImportKeyMaterialWithContext(ctx aws.Context, input *ImportKeyMaterialInput, opts ...request.Option) (*ImportKeyMaterialOutput, error) {
 | |
| 	req, out := c.ImportKeyMaterialRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opListAliases = "ListAliases"
 | |
| 
 | |
| // ListAliasesRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ListAliases operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ListAliases for more information on using the ListAliases
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ListAliasesRequest method.
 | |
| //    req, resp := client.ListAliasesRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListAliases
 | |
| func (c *KMS) ListAliasesRequest(input *ListAliasesInput) (req *request.Request, output *ListAliasesOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opListAliases,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 		Paginator: &request.Paginator{
 | |
| 			InputTokens:     []string{"Marker"},
 | |
| 			OutputTokens:    []string{"NextMarker"},
 | |
| 			LimitToken:      "Limit",
 | |
| 			TruncationToken: "Truncated",
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ListAliasesInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ListAliasesOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ListAliases API operation for AWS Key Management Service.
 | |
| //
 | |
| // Gets a list of all aliases in the caller's AWS account and region. You cannot
 | |
| // list aliases in other accounts. For more information about aliases, see CreateAlias.
 | |
| //
 | |
| // The response might include several aliases that do not have a TargetKeyId
 | |
| // field because they are not associated with a CMK. These are predefined aliases
 | |
| // that are reserved for CMKs managed by AWS services. If an alias is not associated
 | |
| // with a CMK, the alias does not count against the alias limit (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit)
 | |
| // for your account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ListAliases for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidMarkerException "InvalidMarkerException"
 | |
| //   The request was rejected because the marker that specifies where pagination
 | |
| //   should next begin is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListAliases
 | |
| func (c *KMS) ListAliases(input *ListAliasesInput) (*ListAliasesOutput, error) {
 | |
| 	req, out := c.ListAliasesRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListAliasesWithContext is the same as ListAliases with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ListAliases for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListAliasesWithContext(ctx aws.Context, input *ListAliasesInput, opts ...request.Option) (*ListAliasesOutput, error) {
 | |
| 	req, out := c.ListAliasesRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListAliasesPages iterates over the pages of a ListAliases operation,
 | |
| // calling the "fn" function with the response data for each page. To stop
 | |
| // iterating, return false from the fn function.
 | |
| //
 | |
| // See ListAliases method for more information on how to use this operation.
 | |
| //
 | |
| // Note: This operation can generate multiple requests to a service.
 | |
| //
 | |
| //    // Example iterating over at most 3 pages of a ListAliases operation.
 | |
| //    pageNum := 0
 | |
| //    err := client.ListAliasesPages(params,
 | |
| //        func(page *ListAliasesOutput, lastPage bool) bool {
 | |
| //            pageNum++
 | |
| //            fmt.Println(page)
 | |
| //            return pageNum <= 3
 | |
| //        })
 | |
| //
 | |
| func (c *KMS) ListAliasesPages(input *ListAliasesInput, fn func(*ListAliasesOutput, bool) bool) error {
 | |
| 	return c.ListAliasesPagesWithContext(aws.BackgroundContext(), input, fn)
 | |
| }
 | |
| 
 | |
| // ListAliasesPagesWithContext same as ListAliasesPages except
 | |
| // it takes a Context and allows setting request options on the pages.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListAliasesPagesWithContext(ctx aws.Context, input *ListAliasesInput, fn func(*ListAliasesOutput, bool) bool, opts ...request.Option) error {
 | |
| 	p := request.Pagination{
 | |
| 		NewRequest: func() (*request.Request, error) {
 | |
| 			var inCpy *ListAliasesInput
 | |
| 			if input != nil {
 | |
| 				tmp := *input
 | |
| 				inCpy = &tmp
 | |
| 			}
 | |
| 			req, _ := c.ListAliasesRequest(inCpy)
 | |
| 			req.SetContext(ctx)
 | |
| 			req.ApplyOptions(opts...)
 | |
| 			return req, nil
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	cont := true
 | |
| 	for p.Next() && cont {
 | |
| 		cont = fn(p.Page().(*ListAliasesOutput), !p.HasNextPage())
 | |
| 	}
 | |
| 	return p.Err()
 | |
| }
 | |
| 
 | |
| const opListGrants = "ListGrants"
 | |
| 
 | |
| // ListGrantsRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ListGrants operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ListGrants for more information on using the ListGrants
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ListGrantsRequest method.
 | |
| //    req, resp := client.ListGrantsRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListGrants
 | |
| func (c *KMS) ListGrantsRequest(input *ListGrantsInput) (req *request.Request, output *ListGrantsResponse) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opListGrants,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 		Paginator: &request.Paginator{
 | |
| 			InputTokens:     []string{"Marker"},
 | |
| 			OutputTokens:    []string{"NextMarker"},
 | |
| 			LimitToken:      "Limit",
 | |
| 			TruncationToken: "Truncated",
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ListGrantsInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ListGrantsResponse{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ListGrants API operation for AWS Key Management Service.
 | |
| //
 | |
| // Gets a list of all grants for the specified customer master key (CMK).
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN in the value of the KeyId parameter.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ListGrants for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidMarkerException "InvalidMarkerException"
 | |
| //   The request was rejected because the marker that specifies where pagination
 | |
| //   should next begin is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListGrants
 | |
| func (c *KMS) ListGrants(input *ListGrantsInput) (*ListGrantsResponse, error) {
 | |
| 	req, out := c.ListGrantsRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListGrantsWithContext is the same as ListGrants with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ListGrants for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListGrantsWithContext(ctx aws.Context, input *ListGrantsInput, opts ...request.Option) (*ListGrantsResponse, error) {
 | |
| 	req, out := c.ListGrantsRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListGrantsPages iterates over the pages of a ListGrants operation,
 | |
| // calling the "fn" function with the response data for each page. To stop
 | |
| // iterating, return false from the fn function.
 | |
| //
 | |
| // See ListGrants method for more information on how to use this operation.
 | |
| //
 | |
| // Note: This operation can generate multiple requests to a service.
 | |
| //
 | |
| //    // Example iterating over at most 3 pages of a ListGrants operation.
 | |
| //    pageNum := 0
 | |
| //    err := client.ListGrantsPages(params,
 | |
| //        func(page *ListGrantsResponse, lastPage bool) bool {
 | |
| //            pageNum++
 | |
| //            fmt.Println(page)
 | |
| //            return pageNum <= 3
 | |
| //        })
 | |
| //
 | |
| func (c *KMS) ListGrantsPages(input *ListGrantsInput, fn func(*ListGrantsResponse, bool) bool) error {
 | |
| 	return c.ListGrantsPagesWithContext(aws.BackgroundContext(), input, fn)
 | |
| }
 | |
| 
 | |
| // ListGrantsPagesWithContext same as ListGrantsPages except
 | |
| // it takes a Context and allows setting request options on the pages.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListGrantsPagesWithContext(ctx aws.Context, input *ListGrantsInput, fn func(*ListGrantsResponse, bool) bool, opts ...request.Option) error {
 | |
| 	p := request.Pagination{
 | |
| 		NewRequest: func() (*request.Request, error) {
 | |
| 			var inCpy *ListGrantsInput
 | |
| 			if input != nil {
 | |
| 				tmp := *input
 | |
| 				inCpy = &tmp
 | |
| 			}
 | |
| 			req, _ := c.ListGrantsRequest(inCpy)
 | |
| 			req.SetContext(ctx)
 | |
| 			req.ApplyOptions(opts...)
 | |
| 			return req, nil
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	cont := true
 | |
| 	for p.Next() && cont {
 | |
| 		cont = fn(p.Page().(*ListGrantsResponse), !p.HasNextPage())
 | |
| 	}
 | |
| 	return p.Err()
 | |
| }
 | |
| 
 | |
| const opListKeyPolicies = "ListKeyPolicies"
 | |
| 
 | |
| // ListKeyPoliciesRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ListKeyPolicies operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ListKeyPolicies for more information on using the ListKeyPolicies
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ListKeyPoliciesRequest method.
 | |
| //    req, resp := client.ListKeyPoliciesRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyPolicies
 | |
| func (c *KMS) ListKeyPoliciesRequest(input *ListKeyPoliciesInput) (req *request.Request, output *ListKeyPoliciesOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opListKeyPolicies,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 		Paginator: &request.Paginator{
 | |
| 			InputTokens:     []string{"Marker"},
 | |
| 			OutputTokens:    []string{"NextMarker"},
 | |
| 			LimitToken:      "Limit",
 | |
| 			TruncationToken: "Truncated",
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ListKeyPoliciesInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ListKeyPoliciesOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ListKeyPolicies API operation for AWS Key Management Service.
 | |
| //
 | |
| // Gets the names of the key policies that are attached to a customer master
 | |
| // key (CMK). This operation is designed to get policy names that you can use
 | |
| // in a GetKeyPolicy operation. However, the only valid policy name is default.
 | |
| // You cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ListKeyPolicies for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyPolicies
 | |
| func (c *KMS) ListKeyPolicies(input *ListKeyPoliciesInput) (*ListKeyPoliciesOutput, error) {
 | |
| 	req, out := c.ListKeyPoliciesRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListKeyPoliciesWithContext is the same as ListKeyPolicies with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ListKeyPolicies for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListKeyPoliciesWithContext(ctx aws.Context, input *ListKeyPoliciesInput, opts ...request.Option) (*ListKeyPoliciesOutput, error) {
 | |
| 	req, out := c.ListKeyPoliciesRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListKeyPoliciesPages iterates over the pages of a ListKeyPolicies operation,
 | |
| // calling the "fn" function with the response data for each page. To stop
 | |
| // iterating, return false from the fn function.
 | |
| //
 | |
| // See ListKeyPolicies method for more information on how to use this operation.
 | |
| //
 | |
| // Note: This operation can generate multiple requests to a service.
 | |
| //
 | |
| //    // Example iterating over at most 3 pages of a ListKeyPolicies operation.
 | |
| //    pageNum := 0
 | |
| //    err := client.ListKeyPoliciesPages(params,
 | |
| //        func(page *ListKeyPoliciesOutput, lastPage bool) bool {
 | |
| //            pageNum++
 | |
| //            fmt.Println(page)
 | |
| //            return pageNum <= 3
 | |
| //        })
 | |
| //
 | |
| func (c *KMS) ListKeyPoliciesPages(input *ListKeyPoliciesInput, fn func(*ListKeyPoliciesOutput, bool) bool) error {
 | |
| 	return c.ListKeyPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
 | |
| }
 | |
| 
 | |
| // ListKeyPoliciesPagesWithContext same as ListKeyPoliciesPages except
 | |
| // it takes a Context and allows setting request options on the pages.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListKeyPoliciesPagesWithContext(ctx aws.Context, input *ListKeyPoliciesInput, fn func(*ListKeyPoliciesOutput, bool) bool, opts ...request.Option) error {
 | |
| 	p := request.Pagination{
 | |
| 		NewRequest: func() (*request.Request, error) {
 | |
| 			var inCpy *ListKeyPoliciesInput
 | |
| 			if input != nil {
 | |
| 				tmp := *input
 | |
| 				inCpy = &tmp
 | |
| 			}
 | |
| 			req, _ := c.ListKeyPoliciesRequest(inCpy)
 | |
| 			req.SetContext(ctx)
 | |
| 			req.ApplyOptions(opts...)
 | |
| 			return req, nil
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	cont := true
 | |
| 	for p.Next() && cont {
 | |
| 		cont = fn(p.Page().(*ListKeyPoliciesOutput), !p.HasNextPage())
 | |
| 	}
 | |
| 	return p.Err()
 | |
| }
 | |
| 
 | |
| const opListKeys = "ListKeys"
 | |
| 
 | |
| // ListKeysRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ListKeys operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ListKeys for more information on using the ListKeys
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ListKeysRequest method.
 | |
| //    req, resp := client.ListKeysRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeys
 | |
| func (c *KMS) ListKeysRequest(input *ListKeysInput) (req *request.Request, output *ListKeysOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opListKeys,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 		Paginator: &request.Paginator{
 | |
| 			InputTokens:     []string{"Marker"},
 | |
| 			OutputTokens:    []string{"NextMarker"},
 | |
| 			LimitToken:      "Limit",
 | |
| 			TruncationToken: "Truncated",
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ListKeysInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ListKeysOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ListKeys API operation for AWS Key Management Service.
 | |
| //
 | |
| // Gets a list of all customer master keys (CMKs) in the caller's AWS account
 | |
| // and region.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ListKeys for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidMarkerException "InvalidMarkerException"
 | |
| //   The request was rejected because the marker that specifies where pagination
 | |
| //   should next begin is not valid.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeys
 | |
| func (c *KMS) ListKeys(input *ListKeysInput) (*ListKeysOutput, error) {
 | |
| 	req, out := c.ListKeysRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListKeysWithContext is the same as ListKeys with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ListKeys for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListKeysWithContext(ctx aws.Context, input *ListKeysInput, opts ...request.Option) (*ListKeysOutput, error) {
 | |
| 	req, out := c.ListKeysRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListKeysPages iterates over the pages of a ListKeys operation,
 | |
| // calling the "fn" function with the response data for each page. To stop
 | |
| // iterating, return false from the fn function.
 | |
| //
 | |
| // See ListKeys method for more information on how to use this operation.
 | |
| //
 | |
| // Note: This operation can generate multiple requests to a service.
 | |
| //
 | |
| //    // Example iterating over at most 3 pages of a ListKeys operation.
 | |
| //    pageNum := 0
 | |
| //    err := client.ListKeysPages(params,
 | |
| //        func(page *ListKeysOutput, lastPage bool) bool {
 | |
| //            pageNum++
 | |
| //            fmt.Println(page)
 | |
| //            return pageNum <= 3
 | |
| //        })
 | |
| //
 | |
| func (c *KMS) ListKeysPages(input *ListKeysInput, fn func(*ListKeysOutput, bool) bool) error {
 | |
| 	return c.ListKeysPagesWithContext(aws.BackgroundContext(), input, fn)
 | |
| }
 | |
| 
 | |
| // ListKeysPagesWithContext same as ListKeysPages except
 | |
| // it takes a Context and allows setting request options on the pages.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListKeysPagesWithContext(ctx aws.Context, input *ListKeysInput, fn func(*ListKeysOutput, bool) bool, opts ...request.Option) error {
 | |
| 	p := request.Pagination{
 | |
| 		NewRequest: func() (*request.Request, error) {
 | |
| 			var inCpy *ListKeysInput
 | |
| 			if input != nil {
 | |
| 				tmp := *input
 | |
| 				inCpy = &tmp
 | |
| 			}
 | |
| 			req, _ := c.ListKeysRequest(inCpy)
 | |
| 			req.SetContext(ctx)
 | |
| 			req.ApplyOptions(opts...)
 | |
| 			return req, nil
 | |
| 		},
 | |
| 	}
 | |
| 
 | |
| 	cont := true
 | |
| 	for p.Next() && cont {
 | |
| 		cont = fn(p.Page().(*ListKeysOutput), !p.HasNextPage())
 | |
| 	}
 | |
| 	return p.Err()
 | |
| }
 | |
| 
 | |
| const opListResourceTags = "ListResourceTags"
 | |
| 
 | |
| // ListResourceTagsRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ListResourceTags operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ListResourceTags for more information on using the ListResourceTags
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ListResourceTagsRequest method.
 | |
| //    req, resp := client.ListResourceTagsRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListResourceTags
 | |
| func (c *KMS) ListResourceTagsRequest(input *ListResourceTagsInput) (req *request.Request, output *ListResourceTagsOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opListResourceTags,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ListResourceTagsInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ListResourceTagsOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ListResourceTags API operation for AWS Key Management Service.
 | |
| //
 | |
| // Returns a list of all tags for the specified customer master key (CMK).
 | |
| //
 | |
| // You cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ListResourceTags for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidMarkerException "InvalidMarkerException"
 | |
| //   The request was rejected because the marker that specifies where pagination
 | |
| //   should next begin is not valid.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListResourceTags
 | |
| func (c *KMS) ListResourceTags(input *ListResourceTagsInput) (*ListResourceTagsOutput, error) {
 | |
| 	req, out := c.ListResourceTagsRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListResourceTagsWithContext is the same as ListResourceTags with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ListResourceTags for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListResourceTagsWithContext(ctx aws.Context, input *ListResourceTagsInput, opts ...request.Option) (*ListResourceTagsOutput, error) {
 | |
| 	req, out := c.ListResourceTagsRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opListRetirableGrants = "ListRetirableGrants"
 | |
| 
 | |
| // ListRetirableGrantsRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ListRetirableGrants operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ListRetirableGrants for more information on using the ListRetirableGrants
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ListRetirableGrantsRequest method.
 | |
| //    req, resp := client.ListRetirableGrantsRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListRetirableGrants
 | |
| func (c *KMS) ListRetirableGrantsRequest(input *ListRetirableGrantsInput) (req *request.Request, output *ListGrantsResponse) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opListRetirableGrants,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ListRetirableGrantsInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ListGrantsResponse{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ListRetirableGrants API operation for AWS Key Management Service.
 | |
| //
 | |
| // Returns a list of all grants for which the grant's RetiringPrincipal matches
 | |
| // the one specified.
 | |
| //
 | |
| // A typical use is to list all grants that you are able to retire. To retire
 | |
| // a grant, use RetireGrant.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ListRetirableGrants for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidMarkerException "InvalidMarkerException"
 | |
| //   The request was rejected because the marker that specifies where pagination
 | |
| //   should next begin is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListRetirableGrants
 | |
| func (c *KMS) ListRetirableGrants(input *ListRetirableGrantsInput) (*ListGrantsResponse, error) {
 | |
| 	req, out := c.ListRetirableGrantsRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ListRetirableGrantsWithContext is the same as ListRetirableGrants with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ListRetirableGrants for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ListRetirableGrantsWithContext(ctx aws.Context, input *ListRetirableGrantsInput, opts ...request.Option) (*ListGrantsResponse, error) {
 | |
| 	req, out := c.ListRetirableGrantsRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opPutKeyPolicy = "PutKeyPolicy"
 | |
| 
 | |
| // PutKeyPolicyRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the PutKeyPolicy operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See PutKeyPolicy for more information on using the PutKeyPolicy
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the PutKeyPolicyRequest method.
 | |
| //    req, resp := client.PutKeyPolicyRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/PutKeyPolicy
 | |
| func (c *KMS) PutKeyPolicyRequest(input *PutKeyPolicyInput) (req *request.Request, output *PutKeyPolicyOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opPutKeyPolicy,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &PutKeyPolicyInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &PutKeyPolicyOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // PutKeyPolicy API operation for AWS Key Management Service.
 | |
| //
 | |
| // Attaches a key policy to the specified customer master key (CMK). You cannot
 | |
| // perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // For more information about key policies, see Key Policies (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation PutKeyPolicy for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException"
 | |
| //   The request was rejected because the specified policy is not syntactically
 | |
| //   or semantically correct.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeUnsupportedOperationException "UnsupportedOperationException"
 | |
| //   The request was rejected because a specified parameter is not supported or
 | |
| //   a specified resource is not valid for this operation.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeLimitExceededException "LimitExceededException"
 | |
| //   The request was rejected because a limit was exceeded. For more information,
 | |
| //   see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/PutKeyPolicy
 | |
| func (c *KMS) PutKeyPolicy(input *PutKeyPolicyInput) (*PutKeyPolicyOutput, error) {
 | |
| 	req, out := c.PutKeyPolicyRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // PutKeyPolicyWithContext is the same as PutKeyPolicy with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See PutKeyPolicy for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) PutKeyPolicyWithContext(ctx aws.Context, input *PutKeyPolicyInput, opts ...request.Option) (*PutKeyPolicyOutput, error) {
 | |
| 	req, out := c.PutKeyPolicyRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opReEncrypt = "ReEncrypt"
 | |
| 
 | |
| // ReEncryptRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ReEncrypt operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ReEncrypt for more information on using the ReEncrypt
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ReEncryptRequest method.
 | |
| //    req, resp := client.ReEncryptRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ReEncrypt
 | |
| func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, output *ReEncryptOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opReEncrypt,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ReEncryptInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ReEncryptOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ReEncrypt API operation for AWS Key Management Service.
 | |
| //
 | |
| // Encrypts data on the server side with a new customer master key (CMK) without
 | |
| // exposing the plaintext of the data on the client side. The data is first
 | |
| // decrypted and then reencrypted. You can also use this operation to change
 | |
| // the encryption context of a ciphertext.
 | |
| //
 | |
| // You can reencrypt data using CMKs in different AWS accounts.
 | |
| //
 | |
| // Unlike other operations, ReEncrypt is authorized twice, once as ReEncryptFrom
 | |
| // on the source CMK and once as ReEncryptTo on the destination CMK. We recommend
 | |
| // that you include the "kms:ReEncrypt*" permission in your key policies (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
 | |
| // to permit reencryption from or to the CMK. This permission is automatically
 | |
| // included in the key policy when you create a CMK through the console, but
 | |
| // you must include it manually when you create a CMK programmatically or when
 | |
| // you set a key policy with the PutKeyPolicy operation.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ReEncrypt for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDisabledException "DisabledException"
 | |
| //   The request was rejected because the specified CMK is not enabled.
 | |
| //
 | |
| //   * ErrCodeInvalidCiphertextException "InvalidCiphertextException"
 | |
| //   The request was rejected because the specified ciphertext, or additional
 | |
| //   authenticated data incorporated into the ciphertext, such as the encryption
 | |
| //   context, is corrupted, missing, or otherwise invalid.
 | |
| //
 | |
| //   * ErrCodeKeyUnavailableException "KeyUnavailableException"
 | |
| //   The request was rejected because the specified CMK was not available. The
 | |
| //   request can be retried.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException"
 | |
| //   The request was rejected because the specified KeySpec value is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ReEncrypt
 | |
| func (c *KMS) ReEncrypt(input *ReEncryptInput) (*ReEncryptOutput, error) {
 | |
| 	req, out := c.ReEncryptRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ReEncryptWithContext is the same as ReEncrypt with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ReEncrypt for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ReEncryptWithContext(ctx aws.Context, input *ReEncryptInput, opts ...request.Option) (*ReEncryptOutput, error) {
 | |
| 	req, out := c.ReEncryptRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opRetireGrant = "RetireGrant"
 | |
| 
 | |
| // RetireGrantRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the RetireGrant operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See RetireGrant for more information on using the RetireGrant
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the RetireGrantRequest method.
 | |
| //    req, resp := client.RetireGrantRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RetireGrant
 | |
| func (c *KMS) RetireGrantRequest(input *RetireGrantInput) (req *request.Request, output *RetireGrantOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opRetireGrant,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &RetireGrantInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &RetireGrantOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // RetireGrant API operation for AWS Key Management Service.
 | |
| //
 | |
| // Retires a grant. To clean up, you can retire a grant when you're done using
 | |
| // it. You should revoke a grant when you intend to actively deny operations
 | |
| // that depend on it. The following are permitted to call this API:
 | |
| //
 | |
| //    * The AWS account (root user) under which the grant was created
 | |
| //
 | |
| //    * The RetiringPrincipal, if present in the grant
 | |
| //
 | |
| //    * The GranteePrincipal, if RetireGrant is an operation specified in the
 | |
| //    grant
 | |
| //
 | |
| // You must identify the grant to retire by its grant token or by a combination
 | |
| // of the grant ID and the Amazon Resource Name (ARN) of the customer master
 | |
| // key (CMK). A grant token is a unique variable-length base64-encoded string.
 | |
| // A grant ID is a 64 character unique identifier of a grant. The CreateGrant
 | |
| // operation returns both.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation RetireGrant for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException"
 | |
| //   The request was rejected because the specified grant token is not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantIdException "InvalidGrantIdException"
 | |
| //   The request was rejected because the specified GrantId is not valid.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RetireGrant
 | |
| func (c *KMS) RetireGrant(input *RetireGrantInput) (*RetireGrantOutput, error) {
 | |
| 	req, out := c.RetireGrantRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // RetireGrantWithContext is the same as RetireGrant with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See RetireGrant for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) RetireGrantWithContext(ctx aws.Context, input *RetireGrantInput, opts ...request.Option) (*RetireGrantOutput, error) {
 | |
| 	req, out := c.RetireGrantRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opRevokeGrant = "RevokeGrant"
 | |
| 
 | |
| // RevokeGrantRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the RevokeGrant operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See RevokeGrant for more information on using the RevokeGrant
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the RevokeGrantRequest method.
 | |
| //    req, resp := client.RevokeGrantRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RevokeGrant
 | |
| func (c *KMS) RevokeGrantRequest(input *RevokeGrantInput) (req *request.Request, output *RevokeGrantOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opRevokeGrant,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &RevokeGrantInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &RevokeGrantOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // RevokeGrant API operation for AWS Key Management Service.
 | |
| //
 | |
| // Revokes the specified grant for the specified customer master key (CMK).
 | |
| // You can revoke a grant to actively deny operations that depend on it.
 | |
| //
 | |
| // To perform this operation on a CMK in a different AWS account, specify the
 | |
| // key ARN in the value of the KeyId parameter.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation RevokeGrant for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidGrantIdException "InvalidGrantIdException"
 | |
| //   The request was rejected because the specified GrantId is not valid.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RevokeGrant
 | |
| func (c *KMS) RevokeGrant(input *RevokeGrantInput) (*RevokeGrantOutput, error) {
 | |
| 	req, out := c.RevokeGrantRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // RevokeGrantWithContext is the same as RevokeGrant with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See RevokeGrant for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) RevokeGrantWithContext(ctx aws.Context, input *RevokeGrantInput, opts ...request.Option) (*RevokeGrantOutput, error) {
 | |
| 	req, out := c.RevokeGrantRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opScheduleKeyDeletion = "ScheduleKeyDeletion"
 | |
| 
 | |
| // ScheduleKeyDeletionRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the ScheduleKeyDeletion operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See ScheduleKeyDeletion for more information on using the ScheduleKeyDeletion
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the ScheduleKeyDeletionRequest method.
 | |
| //    req, resp := client.ScheduleKeyDeletionRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ScheduleKeyDeletion
 | |
| func (c *KMS) ScheduleKeyDeletionRequest(input *ScheduleKeyDeletionInput) (req *request.Request, output *ScheduleKeyDeletionOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opScheduleKeyDeletion,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &ScheduleKeyDeletionInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &ScheduleKeyDeletionOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // ScheduleKeyDeletion API operation for AWS Key Management Service.
 | |
| //
 | |
| // Schedules the deletion of a customer master key (CMK). You may provide a
 | |
| // waiting period, specified in days, before deletion occurs. If you do not
 | |
| // provide a waiting period, the default period of 30 days is used. When this
 | |
| // operation is successful, the state of the CMK changes to PendingDeletion.
 | |
| // Before the waiting period ends, you can use CancelKeyDeletion to cancel the
 | |
| // deletion of the CMK. After the waiting period ends, AWS KMS deletes the CMK
 | |
| // and all AWS KMS data associated with it, including all aliases that refer
 | |
| // to it.
 | |
| //
 | |
| // You cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // Deleting a CMK is a destructive and potentially dangerous operation. When
 | |
| // a CMK is deleted, all data that was encrypted under the CMK is rendered unrecoverable.
 | |
| // To restrict the use of a CMK without deleting it, use DisableKey.
 | |
| //
 | |
| // For more information about scheduling a CMK for deletion, see Deleting Customer
 | |
| // Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation ScheduleKeyDeletion for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ScheduleKeyDeletion
 | |
| func (c *KMS) ScheduleKeyDeletion(input *ScheduleKeyDeletionInput) (*ScheduleKeyDeletionOutput, error) {
 | |
| 	req, out := c.ScheduleKeyDeletionRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // ScheduleKeyDeletionWithContext is the same as ScheduleKeyDeletion with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See ScheduleKeyDeletion for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) ScheduleKeyDeletionWithContext(ctx aws.Context, input *ScheduleKeyDeletionInput, opts ...request.Option) (*ScheduleKeyDeletionOutput, error) {
 | |
| 	req, out := c.ScheduleKeyDeletionRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opTagResource = "TagResource"
 | |
| 
 | |
| // TagResourceRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the TagResource operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See TagResource for more information on using the TagResource
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the TagResourceRequest method.
 | |
| //    req, resp := client.TagResourceRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/TagResource
 | |
| func (c *KMS) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opTagResource,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &TagResourceInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &TagResourceOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // TagResource API operation for AWS Key Management Service.
 | |
| //
 | |
| // Adds or overwrites one or more tags for the specified customer master key
 | |
| // (CMK). You cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // Each tag consists of a tag key and a tag value. Tag keys and tag values are
 | |
| // both required, but tag values can be empty (null) strings.
 | |
| //
 | |
| // You cannot use the same tag key more than once per CMK. For example, consider
 | |
| // a CMK with one tag whose tag key is Purpose and tag value is Test. If you
 | |
| // send a TagResource request for this CMK with a tag key of Purpose and a tag
 | |
| // value of Prod, it does not create a second tag. Instead, the original tag
 | |
| // is overwritten with the new tag value.
 | |
| //
 | |
| // For information about the rules that apply to tag keys and tag values, see
 | |
| // User-Defined Tag Restrictions (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)
 | |
| // in the AWS Billing and Cost Management User Guide.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation TagResource for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeLimitExceededException "LimitExceededException"
 | |
| //   The request was rejected because a limit was exceeded. For more information,
 | |
| //   see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeTagException "TagException"
 | |
| //   The request was rejected because one or more tags are not valid.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/TagResource
 | |
| func (c *KMS) TagResource(input *TagResourceInput) (*TagResourceOutput, error) {
 | |
| 	req, out := c.TagResourceRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // TagResourceWithContext is the same as TagResource with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See TagResource for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) {
 | |
| 	req, out := c.TagResourceRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opUntagResource = "UntagResource"
 | |
| 
 | |
| // UntagResourceRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the UntagResource operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See UntagResource for more information on using the UntagResource
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the UntagResourceRequest method.
 | |
| //    req, resp := client.UntagResourceRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UntagResource
 | |
| func (c *KMS) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opUntagResource,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &UntagResourceInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &UntagResourceOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // UntagResource API operation for AWS Key Management Service.
 | |
| //
 | |
| // Removes the specified tag or tags from the specified customer master key
 | |
| // (CMK). You cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // To remove a tag, you specify the tag key for each tag to remove. You do not
 | |
| // specify the tag value. To overwrite the tag value for an existing tag, use
 | |
| // TagResource.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation UntagResource for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| //   * ErrCodeTagException "TagException"
 | |
| //   The request was rejected because one or more tags are not valid.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UntagResource
 | |
| func (c *KMS) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) {
 | |
| 	req, out := c.UntagResourceRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // UntagResourceWithContext is the same as UntagResource with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See UntagResource for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) {
 | |
| 	req, out := c.UntagResourceRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opUpdateAlias = "UpdateAlias"
 | |
| 
 | |
| // UpdateAliasRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the UpdateAlias operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See UpdateAlias for more information on using the UpdateAlias
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the UpdateAliasRequest method.
 | |
| //    req, resp := client.UpdateAliasRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateAlias
 | |
| func (c *KMS) UpdateAliasRequest(input *UpdateAliasInput) (req *request.Request, output *UpdateAliasOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opUpdateAlias,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &UpdateAliasInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &UpdateAliasOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // UpdateAlias API operation for AWS Key Management Service.
 | |
| //
 | |
| // Associates an existing alias with a different customer master key (CMK).
 | |
| // Each CMK can have multiple aliases, but the aliases must be unique within
 | |
| // the account and region. You cannot perform this operation on an alias in
 | |
| // a different AWS account.
 | |
| //
 | |
| // This operation works only on existing aliases. To change the alias of a CMK
 | |
| // to a new value, use CreateAlias to create a new alias and DeleteAlias to
 | |
| // delete the old alias.
 | |
| //
 | |
| // Because an alias is not a property of a CMK, you can create, update, and
 | |
| // delete the aliases of a CMK without affecting the CMK. Also, aliases do not
 | |
| // appear in the response from the DescribeKey operation. To get the aliases
 | |
| // of all CMKs in the account, use the ListAliases operation.
 | |
| //
 | |
| // An alias name can contain only alphanumeric characters, forward slashes (/),
 | |
| // underscores (_), and dashes (-). An alias must start with the word alias
 | |
| // followed by a forward slash (alias/). The alias name can contain only alphanumeric
 | |
| // characters, forward slashes (/), underscores (_), and dashes (-). Alias names
 | |
| // cannot begin with aws; that alias name prefix is reserved by Amazon Web Services
 | |
| // (AWS).
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation UpdateAlias for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateAlias
 | |
| func (c *KMS) UpdateAlias(input *UpdateAliasInput) (*UpdateAliasOutput, error) {
 | |
| 	req, out := c.UpdateAliasRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // UpdateAliasWithContext is the same as UpdateAlias with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See UpdateAlias for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) UpdateAliasWithContext(ctx aws.Context, input *UpdateAliasInput, opts ...request.Option) (*UpdateAliasOutput, error) {
 | |
| 	req, out := c.UpdateAliasRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| const opUpdateKeyDescription = "UpdateKeyDescription"
 | |
| 
 | |
| // UpdateKeyDescriptionRequest generates a "aws/request.Request" representing the
 | |
| // client's request for the UpdateKeyDescription operation. The "output" return
 | |
| // value will be populated with the request's response once the request completes
 | |
| // successfuly.
 | |
| //
 | |
| // Use "Send" method on the returned Request to send the API call to the service.
 | |
| // the "output" return value is not valid until after Send returns without error.
 | |
| //
 | |
| // See UpdateKeyDescription for more information on using the UpdateKeyDescription
 | |
| // API call, and error handling.
 | |
| //
 | |
| // This method is useful when you want to inject custom logic or configuration
 | |
| // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 | |
| //
 | |
| //
 | |
| //    // Example sending a request using the UpdateKeyDescriptionRequest method.
 | |
| //    req, resp := client.UpdateKeyDescriptionRequest(params)
 | |
| //
 | |
| //    err := req.Send()
 | |
| //    if err == nil { // resp is now filled
 | |
| //        fmt.Println(resp)
 | |
| //    }
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateKeyDescription
 | |
| func (c *KMS) UpdateKeyDescriptionRequest(input *UpdateKeyDescriptionInput) (req *request.Request, output *UpdateKeyDescriptionOutput) {
 | |
| 	op := &request.Operation{
 | |
| 		Name:       opUpdateKeyDescription,
 | |
| 		HTTPMethod: "POST",
 | |
| 		HTTPPath:   "/",
 | |
| 	}
 | |
| 
 | |
| 	if input == nil {
 | |
| 		input = &UpdateKeyDescriptionInput{}
 | |
| 	}
 | |
| 
 | |
| 	output = &UpdateKeyDescriptionOutput{}
 | |
| 	req = c.newRequest(op, input, output)
 | |
| 	req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
 | |
| 	req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
 | |
| 	return
 | |
| }
 | |
| 
 | |
| // UpdateKeyDescription API operation for AWS Key Management Service.
 | |
| //
 | |
| // Updates the description of a customer master key (CMK). To see the decription
 | |
| // of a CMK, use DescribeKey.
 | |
| //
 | |
| // You cannot perform this operation on a CMK in a different AWS account.
 | |
| //
 | |
| // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 | |
| // with awserr.Error's Code and Message methods to get detailed information about
 | |
| // the error.
 | |
| //
 | |
| // See the AWS API reference guide for AWS Key Management Service's
 | |
| // API operation UpdateKeyDescription for usage and error information.
 | |
| //
 | |
| // Returned Error Codes:
 | |
| //   * ErrCodeNotFoundException "NotFoundException"
 | |
| //   The request was rejected because the specified entity or resource could not
 | |
| //   be found.
 | |
| //
 | |
| //   * ErrCodeInvalidArnException "InvalidArnException"
 | |
| //   The request was rejected because a specified ARN was not valid.
 | |
| //
 | |
| //   * ErrCodeDependencyTimeoutException "DependencyTimeoutException"
 | |
| //   The system timed out while trying to fulfill the request. The request can
 | |
| //   be retried.
 | |
| //
 | |
| //   * ErrCodeInternalException "KMSInternalException"
 | |
| //   The request was rejected because an internal exception occurred. The request
 | |
| //   can be retried.
 | |
| //
 | |
| //   * ErrCodeInvalidStateException "KMSInvalidStateException"
 | |
| //   The request was rejected because the state of the specified resource is not
 | |
| //   valid for this request.
 | |
| //
 | |
| //   For more information about how key state affects the use of a CMK, see How
 | |
| //   Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| //   in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateKeyDescription
 | |
| func (c *KMS) UpdateKeyDescription(input *UpdateKeyDescriptionInput) (*UpdateKeyDescriptionOutput, error) {
 | |
| 	req, out := c.UpdateKeyDescriptionRequest(input)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // UpdateKeyDescriptionWithContext is the same as UpdateKeyDescription with the addition of
 | |
| // the ability to pass a context and additional request options.
 | |
| //
 | |
| // See UpdateKeyDescription for details on how to use this API operation.
 | |
| //
 | |
| // The context must be non-nil and will be used for request cancellation. If
 | |
| // the context is nil a panic will occur. In the future the SDK may create
 | |
| // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 | |
| // for more information on using Contexts.
 | |
| func (c *KMS) UpdateKeyDescriptionWithContext(ctx aws.Context, input *UpdateKeyDescriptionInput, opts ...request.Option) (*UpdateKeyDescriptionOutput, error) {
 | |
| 	req, out := c.UpdateKeyDescriptionRequest(input)
 | |
| 	req.SetContext(ctx)
 | |
| 	req.ApplyOptions(opts...)
 | |
| 	return out, req.Send()
 | |
| }
 | |
| 
 | |
| // Contains information about an alias.
 | |
| type AliasListEntry struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// String that contains the key ARN.
 | |
| 	AliasArn *string `min:"20" type:"string"`
 | |
| 
 | |
| 	// String that contains the alias.
 | |
| 	AliasName *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// String that contains the key identifier referred to by the alias.
 | |
| 	TargetKeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s AliasListEntry) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s AliasListEntry) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetAliasArn sets the AliasArn field's value.
 | |
| func (s *AliasListEntry) SetAliasArn(v string) *AliasListEntry {
 | |
| 	s.AliasArn = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetAliasName sets the AliasName field's value.
 | |
| func (s *AliasListEntry) SetAliasName(v string) *AliasListEntry {
 | |
| 	s.AliasName = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTargetKeyId sets the TargetKeyId field's value.
 | |
| func (s *AliasListEntry) SetTargetKeyId(v string) *AliasListEntry {
 | |
| 	s.TargetKeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CancelKeyDeletionInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The unique identifier for the customer master key (CMK) for which to cancel
 | |
| 	// deletion.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CancelKeyDeletionInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CancelKeyDeletionInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *CancelKeyDeletionInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "CancelKeyDeletionInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *CancelKeyDeletionInput) SetKeyId(v string) *CancelKeyDeletionInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CancelKeyDeletionOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The unique identifier of the master key for which deletion is canceled.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CancelKeyDeletionOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CancelKeyDeletionOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *CancelKeyDeletionOutput) SetKeyId(v string) *CancelKeyDeletionOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CreateAliasInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// String that contains the display name. The name must start with the word
 | |
| 	// "alias" followed by a forward slash (alias/). Aliases that begin with "alias/AWS"
 | |
| 	// are reserved.
 | |
| 	//
 | |
| 	// AliasName is a required field
 | |
| 	AliasName *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Identifies the CMK for which you are creating the alias. This value cannot
 | |
| 	// be an alias.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// TargetKeyId is a required field
 | |
| 	TargetKeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CreateAliasInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CreateAliasInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *CreateAliasInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "CreateAliasInput"}
 | |
| 	if s.AliasName == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("AliasName"))
 | |
| 	}
 | |
| 	if s.AliasName != nil && len(*s.AliasName) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("AliasName", 1))
 | |
| 	}
 | |
| 	if s.TargetKeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("TargetKeyId"))
 | |
| 	}
 | |
| 	if s.TargetKeyId != nil && len(*s.TargetKeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("TargetKeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetAliasName sets the AliasName field's value.
 | |
| func (s *CreateAliasInput) SetAliasName(v string) *CreateAliasInput {
 | |
| 	s.AliasName = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTargetKeyId sets the TargetKeyId field's value.
 | |
| func (s *CreateAliasInput) SetTargetKeyId(v string) *CreateAliasInput {
 | |
| 	s.TargetKeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CreateAliasOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CreateAliasOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CreateAliasOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type CreateGrantInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A structure that you can use to allow certain operations in the grant only
 | |
| 	// when the desired encryption context is present. For more information about
 | |
| 	// encryption context, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	Constraints *GrantConstraints `type:"structure"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| 
 | |
| 	// The principal that is given permission to perform the operations that the
 | |
| 	// grant permits.
 | |
| 	//
 | |
| 	// To specify the principal, use the Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 | |
| 	// of an AWS principal. Valid AWS principals include AWS accounts (root), IAM
 | |
| 	// users, IAM roles, federated users, and assumed role users. For examples of
 | |
| 	// the ARN syntax to use for specifying a principal, see AWS Identity and Access
 | |
| 	// Management (IAM) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam)
 | |
| 	// in the Example ARNs section of the AWS General Reference.
 | |
| 	//
 | |
| 	// GranteePrincipal is a required field
 | |
| 	GranteePrincipal *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The unique identifier for the customer master key (CMK) that the grant applies
 | |
| 	// to.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// A friendly name for identifying the grant. Use this value to prevent unintended
 | |
| 	// creation of duplicate grants when retrying this request.
 | |
| 	//
 | |
| 	// When this value is absent, all CreateGrant requests result in a new grant
 | |
| 	// with a unique GrantId even if all the supplied parameters are identical.
 | |
| 	// This can result in unintended duplicates when you retry the CreateGrant request.
 | |
| 	//
 | |
| 	// When this value is present, you can retry a CreateGrant request with identical
 | |
| 	// parameters; if the grant already exists, the original GrantId is returned
 | |
| 	// without creating a new grant. Note that the returned grant token is unique
 | |
| 	// with every CreateGrant request, even when a duplicate GrantId is returned.
 | |
| 	// All grant tokens obtained in this way can be used interchangeably.
 | |
| 	Name *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// A list of operations that the grant permits.
 | |
| 	//
 | |
| 	// Operations is a required field
 | |
| 	Operations []*string `type:"list" required:"true"`
 | |
| 
 | |
| 	// The principal that is given permission to retire the grant by using RetireGrant
 | |
| 	// operation.
 | |
| 	//
 | |
| 	// To specify the principal, use the Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 | |
| 	// of an AWS principal. Valid AWS principals include AWS accounts (root), IAM
 | |
| 	// users, federated users, and assumed role users. For examples of the ARN syntax
 | |
| 	// to use for specifying a principal, see AWS Identity and Access Management
 | |
| 	// (IAM) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam)
 | |
| 	// in the Example ARNs section of the AWS General Reference.
 | |
| 	RetiringPrincipal *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CreateGrantInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CreateGrantInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *CreateGrantInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "CreateGrantInput"}
 | |
| 	if s.GranteePrincipal == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("GranteePrincipal"))
 | |
| 	}
 | |
| 	if s.GranteePrincipal != nil && len(*s.GranteePrincipal) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("GranteePrincipal", 1))
 | |
| 	}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Name != nil && len(*s.Name) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
 | |
| 	}
 | |
| 	if s.Operations == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("Operations"))
 | |
| 	}
 | |
| 	if s.RetiringPrincipal != nil && len(*s.RetiringPrincipal) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("RetiringPrincipal", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetConstraints sets the Constraints field's value.
 | |
| func (s *CreateGrantInput) SetConstraints(v *GrantConstraints) *CreateGrantInput {
 | |
| 	s.Constraints = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *CreateGrantInput) SetGrantTokens(v []*string) *CreateGrantInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGranteePrincipal sets the GranteePrincipal field's value.
 | |
| func (s *CreateGrantInput) SetGranteePrincipal(v string) *CreateGrantInput {
 | |
| 	s.GranteePrincipal = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *CreateGrantInput) SetKeyId(v string) *CreateGrantInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetName sets the Name field's value.
 | |
| func (s *CreateGrantInput) SetName(v string) *CreateGrantInput {
 | |
| 	s.Name = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetOperations sets the Operations field's value.
 | |
| func (s *CreateGrantInput) SetOperations(v []*string) *CreateGrantInput {
 | |
| 	s.Operations = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetRetiringPrincipal sets the RetiringPrincipal field's value.
 | |
| func (s *CreateGrantInput) SetRetiringPrincipal(v string) *CreateGrantInput {
 | |
| 	s.RetiringPrincipal = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CreateGrantOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The unique identifier for the grant.
 | |
| 	//
 | |
| 	// You can use the GrantId in a subsequent RetireGrant or RevokeGrant operation.
 | |
| 	GrantId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The grant token.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantToken *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CreateGrantOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CreateGrantOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetGrantId sets the GrantId field's value.
 | |
| func (s *CreateGrantOutput) SetGrantId(v string) *CreateGrantOutput {
 | |
| 	s.GrantId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantToken sets the GrantToken field's value.
 | |
| func (s *CreateGrantOutput) SetGrantToken(v string) *CreateGrantOutput {
 | |
| 	s.GrantToken = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CreateKeyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A flag to indicate whether to bypass the key policy lockout safety check.
 | |
| 	//
 | |
| 	// Setting this value to true increases the risk that the CMK becomes unmanageable.
 | |
| 	// Do not set this value to true indiscriminately.
 | |
| 	//
 | |
| 	// For more information, refer to the scenario in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
 | |
| 	// section in the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	// Use this parameter only when you include a policy in the request and you
 | |
| 	// intend to prevent the principal that is making the request from making a
 | |
| 	// subsequent PutKeyPolicy request on the CMK.
 | |
| 	//
 | |
| 	// The default value is false.
 | |
| 	BypassPolicyLockoutSafetyCheck *bool `type:"boolean"`
 | |
| 
 | |
| 	// A description of the CMK.
 | |
| 	//
 | |
| 	// Use a description that helps you decide whether the CMK is appropriate for
 | |
| 	// a task.
 | |
| 	Description *string `type:"string"`
 | |
| 
 | |
| 	// The intended use of the CMK.
 | |
| 	//
 | |
| 	// You can use CMKs only for symmetric encryption and decryption.
 | |
| 	KeyUsage *string `type:"string" enum:"KeyUsageType"`
 | |
| 
 | |
| 	// The source of the CMK's key material.
 | |
| 	//
 | |
| 	// The default is AWS_KMS, which means AWS KMS creates the key material. When
 | |
| 	// this parameter is set to EXTERNAL, the request creates a CMK without key
 | |
| 	// material so that you can import key material from your existing key management
 | |
| 	// infrastructure. For more information about importing key material into AWS
 | |
| 	// KMS, see Importing Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	// The CMK's Origin is immutable and is set when the CMK is created.
 | |
| 	Origin *string `type:"string" enum:"OriginType"`
 | |
| 
 | |
| 	// The key policy to attach to the CMK.
 | |
| 	//
 | |
| 	// If you provide a key policy, it must meet the following criteria:
 | |
| 	//
 | |
| 	//    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy
 | |
| 	//    must allow the principal that is making the CreateKey request to make
 | |
| 	//    a subsequent PutKeyPolicy request on the CMK. This reduces the risk that
 | |
| 	//    the CMK becomes unmanageable. For more information, refer to the scenario
 | |
| 	//    in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
 | |
| 	//    section of the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	//    * Each statement in the key policy must contain one or more principals.
 | |
| 	//    The principals in the key policy must exist and be visible to AWS KMS.
 | |
| 	//    When you create a new AWS principal (for example, an IAM user or role),
 | |
| 	//    you might need to enforce a delay before including the new principal in
 | |
| 	//    a key policy because the new principal might not be immediately visible
 | |
| 	//    to AWS KMS. For more information, see Changes that I make are not always
 | |
| 	//    immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 | |
| 	//    in the AWS Identity and Access Management User Guide.
 | |
| 	//
 | |
| 	// If you do not provide a key policy, AWS KMS attaches a default key policy
 | |
| 	// to the CMK. For more information, see Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	// The key policy size limit is 32 kilobytes (32768 bytes).
 | |
| 	Policy *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// One or more tags. Each tag consists of a tag key and a tag value. Tag keys
 | |
| 	// and tag values are both required, but tag values can be empty (null) strings.
 | |
| 	//
 | |
| 	// Use this parameter to tag the CMK when it is created. Alternately, you can
 | |
| 	// omit this parameter and instead tag the CMK after it is created using TagResource.
 | |
| 	Tags []*Tag `type:"list"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CreateKeyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CreateKeyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *CreateKeyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "CreateKeyInput"}
 | |
| 	if s.Policy != nil && len(*s.Policy) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Policy", 1))
 | |
| 	}
 | |
| 	if s.Tags != nil {
 | |
| 		for i, v := range s.Tags {
 | |
| 			if v == nil {
 | |
| 				continue
 | |
| 			}
 | |
| 			if err := v.Validate(); err != nil {
 | |
| 				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 | |
| 			}
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetBypassPolicyLockoutSafetyCheck sets the BypassPolicyLockoutSafetyCheck field's value.
 | |
| func (s *CreateKeyInput) SetBypassPolicyLockoutSafetyCheck(v bool) *CreateKeyInput {
 | |
| 	s.BypassPolicyLockoutSafetyCheck = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetDescription sets the Description field's value.
 | |
| func (s *CreateKeyInput) SetDescription(v string) *CreateKeyInput {
 | |
| 	s.Description = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyUsage sets the KeyUsage field's value.
 | |
| func (s *CreateKeyInput) SetKeyUsage(v string) *CreateKeyInput {
 | |
| 	s.KeyUsage = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetOrigin sets the Origin field's value.
 | |
| func (s *CreateKeyInput) SetOrigin(v string) *CreateKeyInput {
 | |
| 	s.Origin = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPolicy sets the Policy field's value.
 | |
| func (s *CreateKeyInput) SetPolicy(v string) *CreateKeyInput {
 | |
| 	s.Policy = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTags sets the Tags field's value.
 | |
| func (s *CreateKeyInput) SetTags(v []*Tag) *CreateKeyInput {
 | |
| 	s.Tags = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type CreateKeyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Metadata associated with the CMK.
 | |
| 	KeyMetadata *KeyMetadata `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s CreateKeyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s CreateKeyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeyMetadata sets the KeyMetadata field's value.
 | |
| func (s *CreateKeyOutput) SetKeyMetadata(v *KeyMetadata) *CreateKeyOutput {
 | |
| 	s.KeyMetadata = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DecryptInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Ciphertext to be decrypted. The blob includes metadata.
 | |
| 	//
 | |
| 	// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
 | |
| 	//
 | |
| 	// CiphertextBlob is a required field
 | |
| 	CiphertextBlob []byte `min:"1" type:"blob" required:"true"`
 | |
| 
 | |
| 	// The encryption context. If this was specified in the Encrypt function, it
 | |
| 	// must be specified here or the decryption operation will fail. For more information,
 | |
| 	// see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).
 | |
| 	EncryptionContext map[string]*string `type:"map"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DecryptInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DecryptInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *DecryptInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "DecryptInput"}
 | |
| 	if s.CiphertextBlob == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("CiphertextBlob"))
 | |
| 	}
 | |
| 	if s.CiphertextBlob != nil && len(s.CiphertextBlob) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("CiphertextBlob", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetCiphertextBlob sets the CiphertextBlob field's value.
 | |
| func (s *DecryptInput) SetCiphertextBlob(v []byte) *DecryptInput {
 | |
| 	s.CiphertextBlob = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetEncryptionContext sets the EncryptionContext field's value.
 | |
| func (s *DecryptInput) SetEncryptionContext(v map[string]*string) *DecryptInput {
 | |
| 	s.EncryptionContext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *DecryptInput) SetGrantTokens(v []*string) *DecryptInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DecryptOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// ARN of the key used to perform the decryption. This value is returned if
 | |
| 	// no errors are encountered during the operation.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// Decrypted plaintext data. When you use the HTTP API or the AWS CLI, the value
 | |
| 	// is Base64-encoded. Otherwise, it is not encoded.
 | |
| 	//
 | |
| 	// Plaintext is automatically base64 encoded/decoded by the SDK.
 | |
| 	Plaintext []byte `min:"1" type:"blob"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DecryptOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DecryptOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *DecryptOutput) SetKeyId(v string) *DecryptOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPlaintext sets the Plaintext field's value.
 | |
| func (s *DecryptOutput) SetPlaintext(v []byte) *DecryptOutput {
 | |
| 	s.Plaintext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DeleteAliasInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The alias to be deleted. The name must start with the word "alias" followed
 | |
| 	// by a forward slash (alias/). Aliases that begin with "alias/aws" are reserved.
 | |
| 	//
 | |
| 	// AliasName is a required field
 | |
| 	AliasName *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DeleteAliasInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DeleteAliasInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *DeleteAliasInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "DeleteAliasInput"}
 | |
| 	if s.AliasName == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("AliasName"))
 | |
| 	}
 | |
| 	if s.AliasName != nil && len(*s.AliasName) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("AliasName", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetAliasName sets the AliasName field's value.
 | |
| func (s *DeleteAliasInput) SetAliasName(v string) *DeleteAliasInput {
 | |
| 	s.AliasName = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DeleteAliasOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DeleteAliasOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DeleteAliasOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type DeleteImportedKeyMaterialInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The identifier of the CMK whose key material to delete. The CMK's Origin
 | |
| 	// must be EXTERNAL.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DeleteImportedKeyMaterialInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DeleteImportedKeyMaterialInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *DeleteImportedKeyMaterialInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "DeleteImportedKeyMaterialInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *DeleteImportedKeyMaterialInput) SetKeyId(v string) *DeleteImportedKeyMaterialInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DeleteImportedKeyMaterialOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DeleteImportedKeyMaterialOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DeleteImportedKeyMaterialOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type DescribeKeyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name,
 | |
| 	// or alias ARN. When using an alias name, prefix it with "alias/". To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN or alias ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Alias name: alias/ExampleAlias
 | |
| 	//
 | |
| 	//    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To
 | |
| 	// get the alias name and alias ARN, use ListAliases.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DescribeKeyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DescribeKeyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *DescribeKeyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "DescribeKeyInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *DescribeKeyInput) SetGrantTokens(v []*string) *DescribeKeyInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *DescribeKeyInput) SetKeyId(v string) *DescribeKeyInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DescribeKeyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Metadata associated with the key.
 | |
| 	KeyMetadata *KeyMetadata `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DescribeKeyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DescribeKeyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeyMetadata sets the KeyMetadata field's value.
 | |
| func (s *DescribeKeyOutput) SetKeyMetadata(v *KeyMetadata) *DescribeKeyOutput {
 | |
| 	s.KeyMetadata = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DisableKeyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DisableKeyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DisableKeyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *DisableKeyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "DisableKeyInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *DisableKeyInput) SetKeyId(v string) *DisableKeyInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DisableKeyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DisableKeyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DisableKeyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type DisableKeyRotationInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DisableKeyRotationInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DisableKeyRotationInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *DisableKeyRotationInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "DisableKeyRotationInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *DisableKeyRotationInput) SetKeyId(v string) *DisableKeyRotationInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type DisableKeyRotationOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s DisableKeyRotationOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s DisableKeyRotationOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type EnableKeyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s EnableKeyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s EnableKeyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *EnableKeyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "EnableKeyInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *EnableKeyInput) SetKeyId(v string) *EnableKeyInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type EnableKeyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s EnableKeyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s EnableKeyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type EnableKeyRotationInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s EnableKeyRotationInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s EnableKeyRotationInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *EnableKeyRotationInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "EnableKeyRotationInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *EnableKeyRotationInput) SetKeyId(v string) *EnableKeyRotationInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type EnableKeyRotationOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s EnableKeyRotationOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s EnableKeyRotationOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type EncryptInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Name-value pair that specifies the encryption context to be used for authenticated
 | |
| 	// encryption. If used here, the same value must be supplied to the Decrypt
 | |
| 	// API or decryption will fail. For more information, see Encryption Context
 | |
| 	// (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).
 | |
| 	EncryptionContext map[string]*string `type:"map"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name,
 | |
| 	// or alias ARN. When using an alias name, prefix it with "alias/". To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN or alias ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Alias name: alias/ExampleAlias
 | |
| 	//
 | |
| 	//    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To
 | |
| 	// get the alias name and alias ARN, use ListAliases.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Data to be encrypted.
 | |
| 	//
 | |
| 	// Plaintext is automatically base64 encoded/decoded by the SDK.
 | |
| 	//
 | |
| 	// Plaintext is a required field
 | |
| 	Plaintext []byte `min:"1" type:"blob" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s EncryptInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s EncryptInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *EncryptInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "EncryptInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Plaintext == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("Plaintext"))
 | |
| 	}
 | |
| 	if s.Plaintext != nil && len(s.Plaintext) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Plaintext", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetEncryptionContext sets the EncryptionContext field's value.
 | |
| func (s *EncryptInput) SetEncryptionContext(v map[string]*string) *EncryptInput {
 | |
| 	s.EncryptionContext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *EncryptInput) SetGrantTokens(v []*string) *EncryptInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *EncryptInput) SetKeyId(v string) *EncryptInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPlaintext sets the Plaintext field's value.
 | |
| func (s *EncryptInput) SetPlaintext(v []byte) *EncryptInput {
 | |
| 	s.Plaintext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type EncryptOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The encrypted plaintext. When you use the HTTP API or the AWS CLI, the value
 | |
| 	// is Base64-encoded. Otherwise, it is not encoded.
 | |
| 	//
 | |
| 	// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
 | |
| 	CiphertextBlob []byte `min:"1" type:"blob"`
 | |
| 
 | |
| 	// The ID of the key used during encryption.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s EncryptOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s EncryptOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetCiphertextBlob sets the CiphertextBlob field's value.
 | |
| func (s *EncryptOutput) SetCiphertextBlob(v []byte) *EncryptOutput {
 | |
| 	s.CiphertextBlob = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *EncryptOutput) SetKeyId(v string) *EncryptOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GenerateDataKeyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A set of key-value pairs that represents additional authenticated data.
 | |
| 	//
 | |
| 	// For more information, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	EncryptionContext map[string]*string `type:"map"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| 
 | |
| 	// The identifier of the CMK under which to generate and encrypt the data encryption
 | |
| 	// key.
 | |
| 	//
 | |
| 	// To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name,
 | |
| 	// or alias ARN. When using an alias name, prefix it with "alias/". To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN or alias ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Alias name: alias/ExampleAlias
 | |
| 	//
 | |
| 	//    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To
 | |
| 	// get the alias name and alias ARN, use ListAliases.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The length of the data encryption key. Use AES_128 to generate a 128-bit
 | |
| 	// symmetric key, or AES_256 to generate a 256-bit symmetric key.
 | |
| 	KeySpec *string `type:"string" enum:"DataKeySpec"`
 | |
| 
 | |
| 	// The length of the data encryption key in bytes. For example, use the value
 | |
| 	// 64 to generate a 512-bit data key (64 bytes is 512 bits). For common key
 | |
| 	// lengths (128-bit and 256-bit symmetric keys), we recommend that you use the
 | |
| 	// KeySpec field instead of this one.
 | |
| 	NumberOfBytes *int64 `min:"1" type:"integer"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GenerateDataKeyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GenerateDataKeyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *GenerateDataKeyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "GenerateDataKeyInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.NumberOfBytes != nil && *s.NumberOfBytes < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("NumberOfBytes", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetEncryptionContext sets the EncryptionContext field's value.
 | |
| func (s *GenerateDataKeyInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyInput {
 | |
| 	s.EncryptionContext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *GenerateDataKeyInput) SetGrantTokens(v []*string) *GenerateDataKeyInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GenerateDataKeyInput) SetKeyId(v string) *GenerateDataKeyInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeySpec sets the KeySpec field's value.
 | |
| func (s *GenerateDataKeyInput) SetKeySpec(v string) *GenerateDataKeyInput {
 | |
| 	s.KeySpec = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetNumberOfBytes sets the NumberOfBytes field's value.
 | |
| func (s *GenerateDataKeyInput) SetNumberOfBytes(v int64) *GenerateDataKeyInput {
 | |
| 	s.NumberOfBytes = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GenerateDataKeyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The encrypted data encryption key. When you use the HTTP API or the AWS CLI,
 | |
| 	// the value is Base64-encoded. Otherwise, it is not encoded.
 | |
| 	//
 | |
| 	// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
 | |
| 	CiphertextBlob []byte `min:"1" type:"blob"`
 | |
| 
 | |
| 	// The identifier of the CMK under which the data encryption key was generated
 | |
| 	// and encrypted.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The data encryption key. When you use the HTTP API or the AWS CLI, the value
 | |
| 	// is Base64-encoded. Otherwise, it is not encoded. Use this data key for local
 | |
| 	// encryption and decryption, then remove it from memory as soon as possible.
 | |
| 	//
 | |
| 	// Plaintext is automatically base64 encoded/decoded by the SDK.
 | |
| 	Plaintext []byte `min:"1" type:"blob"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GenerateDataKeyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GenerateDataKeyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetCiphertextBlob sets the CiphertextBlob field's value.
 | |
| func (s *GenerateDataKeyOutput) SetCiphertextBlob(v []byte) *GenerateDataKeyOutput {
 | |
| 	s.CiphertextBlob = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GenerateDataKeyOutput) SetKeyId(v string) *GenerateDataKeyOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPlaintext sets the Plaintext field's value.
 | |
| func (s *GenerateDataKeyOutput) SetPlaintext(v []byte) *GenerateDataKeyOutput {
 | |
| 	s.Plaintext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GenerateDataKeyWithoutPlaintextInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A set of key-value pairs that represents additional authenticated data.
 | |
| 	//
 | |
| 	// For more information, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	EncryptionContext map[string]*string `type:"map"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| 
 | |
| 	// The identifier of the customer master key (CMK) under which to generate and
 | |
| 	// encrypt the data encryption key.
 | |
| 	//
 | |
| 	// To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name,
 | |
| 	// or alias ARN. When using an alias name, prefix it with "alias/". To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN or alias ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Alias name: alias/ExampleAlias
 | |
| 	//
 | |
| 	//    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To
 | |
| 	// get the alias name and alias ARN, use ListAliases.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The length of the data encryption key. Use AES_128 to generate a 128-bit
 | |
| 	// symmetric key, or AES_256 to generate a 256-bit symmetric key.
 | |
| 	KeySpec *string `type:"string" enum:"DataKeySpec"`
 | |
| 
 | |
| 	// The length of the data encryption key in bytes. For example, use the value
 | |
| 	// 64 to generate a 512-bit data key (64 bytes is 512 bits). For common key
 | |
| 	// lengths (128-bit and 256-bit symmetric keys), we recommend that you use the
 | |
| 	// KeySpec field instead of this one.
 | |
| 	NumberOfBytes *int64 `min:"1" type:"integer"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GenerateDataKeyWithoutPlaintextInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GenerateDataKeyWithoutPlaintextInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *GenerateDataKeyWithoutPlaintextInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "GenerateDataKeyWithoutPlaintextInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.NumberOfBytes != nil && *s.NumberOfBytes < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("NumberOfBytes", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetEncryptionContext sets the EncryptionContext field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyWithoutPlaintextInput {
 | |
| 	s.EncryptionContext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextInput) SetGrantTokens(v []*string) *GenerateDataKeyWithoutPlaintextInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextInput) SetKeyId(v string) *GenerateDataKeyWithoutPlaintextInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeySpec sets the KeySpec field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextInput) SetKeySpec(v string) *GenerateDataKeyWithoutPlaintextInput {
 | |
| 	s.KeySpec = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetNumberOfBytes sets the NumberOfBytes field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextInput) SetNumberOfBytes(v int64) *GenerateDataKeyWithoutPlaintextInput {
 | |
| 	s.NumberOfBytes = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GenerateDataKeyWithoutPlaintextOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The encrypted data encryption key. When you use the HTTP API or the AWS CLI,
 | |
| 	// the value is Base64-encoded. Otherwise, it is not encoded.
 | |
| 	//
 | |
| 	// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
 | |
| 	CiphertextBlob []byte `min:"1" type:"blob"`
 | |
| 
 | |
| 	// The identifier of the CMK under which the data encryption key was generated
 | |
| 	// and encrypted.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GenerateDataKeyWithoutPlaintextOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GenerateDataKeyWithoutPlaintextOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetCiphertextBlob sets the CiphertextBlob field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextOutput) SetCiphertextBlob(v []byte) *GenerateDataKeyWithoutPlaintextOutput {
 | |
| 	s.CiphertextBlob = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GenerateDataKeyWithoutPlaintextOutput) SetKeyId(v string) *GenerateDataKeyWithoutPlaintextOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GenerateRandomInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The length of the byte string.
 | |
| 	NumberOfBytes *int64 `min:"1" type:"integer"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GenerateRandomInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GenerateRandomInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *GenerateRandomInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "GenerateRandomInput"}
 | |
| 	if s.NumberOfBytes != nil && *s.NumberOfBytes < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("NumberOfBytes", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetNumberOfBytes sets the NumberOfBytes field's value.
 | |
| func (s *GenerateRandomInput) SetNumberOfBytes(v int64) *GenerateRandomInput {
 | |
| 	s.NumberOfBytes = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GenerateRandomOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The random byte string. When you use the HTTP API or the AWS CLI, the value
 | |
| 	// is Base64-encoded. Otherwise, it is not encoded.
 | |
| 	//
 | |
| 	// Plaintext is automatically base64 encoded/decoded by the SDK.
 | |
| 	Plaintext []byte `min:"1" type:"blob"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GenerateRandomOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GenerateRandomOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetPlaintext sets the Plaintext field's value.
 | |
| func (s *GenerateRandomOutput) SetPlaintext(v []byte) *GenerateRandomOutput {
 | |
| 	s.Plaintext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GetKeyPolicyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Specifies the name of the key policy. The only valid name is default. To
 | |
| 	// get the names of key policies, use ListKeyPolicies.
 | |
| 	//
 | |
| 	// PolicyName is a required field
 | |
| 	PolicyName *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GetKeyPolicyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GetKeyPolicyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *GetKeyPolicyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "GetKeyPolicyInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.PolicyName == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 | |
| 	}
 | |
| 	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GetKeyPolicyInput) SetKeyId(v string) *GetKeyPolicyInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPolicyName sets the PolicyName field's value.
 | |
| func (s *GetKeyPolicyInput) SetPolicyName(v string) *GetKeyPolicyInput {
 | |
| 	s.PolicyName = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GetKeyPolicyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A key policy document in JSON format.
 | |
| 	Policy *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GetKeyPolicyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GetKeyPolicyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetPolicy sets the Policy field's value.
 | |
| func (s *GetKeyPolicyOutput) SetPolicy(v string) *GetKeyPolicyOutput {
 | |
| 	s.Policy = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GetKeyRotationStatusInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GetKeyRotationStatusInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GetKeyRotationStatusInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *GetKeyRotationStatusInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "GetKeyRotationStatusInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GetKeyRotationStatusInput) SetKeyId(v string) *GetKeyRotationStatusInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GetKeyRotationStatusOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A Boolean value that specifies whether key rotation is enabled.
 | |
| 	KeyRotationEnabled *bool `type:"boolean"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GetKeyRotationStatusOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GetKeyRotationStatusOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeyRotationEnabled sets the KeyRotationEnabled field's value.
 | |
| func (s *GetKeyRotationStatusOutput) SetKeyRotationEnabled(v bool) *GetKeyRotationStatusOutput {
 | |
| 	s.KeyRotationEnabled = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GetParametersForImportInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The identifier of the CMK into which you will import key material. The CMK's
 | |
| 	// Origin must be EXTERNAL.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The algorithm you will use to encrypt the key material before importing it
 | |
| 	// with ImportKeyMaterial. For more information, see Encrypt the Key Material
 | |
| 	// (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-encrypt-key-material.html)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	// WrappingAlgorithm is a required field
 | |
| 	WrappingAlgorithm *string `type:"string" required:"true" enum:"AlgorithmSpec"`
 | |
| 
 | |
| 	// The type of wrapping key (public key) to return in the response. Only 2048-bit
 | |
| 	// RSA public keys are supported.
 | |
| 	//
 | |
| 	// WrappingKeySpec is a required field
 | |
| 	WrappingKeySpec *string `type:"string" required:"true" enum:"WrappingKeySpec"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GetParametersForImportInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GetParametersForImportInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *GetParametersForImportInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "GetParametersForImportInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.WrappingAlgorithm == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("WrappingAlgorithm"))
 | |
| 	}
 | |
| 	if s.WrappingKeySpec == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("WrappingKeySpec"))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GetParametersForImportInput) SetKeyId(v string) *GetParametersForImportInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetWrappingAlgorithm sets the WrappingAlgorithm field's value.
 | |
| func (s *GetParametersForImportInput) SetWrappingAlgorithm(v string) *GetParametersForImportInput {
 | |
| 	s.WrappingAlgorithm = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetWrappingKeySpec sets the WrappingKeySpec field's value.
 | |
| func (s *GetParametersForImportInput) SetWrappingKeySpec(v string) *GetParametersForImportInput {
 | |
| 	s.WrappingKeySpec = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type GetParametersForImportOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The import token to send in a subsequent ImportKeyMaterial request.
 | |
| 	//
 | |
| 	// ImportToken is automatically base64 encoded/decoded by the SDK.
 | |
| 	ImportToken []byte `min:"1" type:"blob"`
 | |
| 
 | |
| 	// The identifier of the CMK to use in a subsequent ImportKeyMaterial request.
 | |
| 	// This is the same CMK specified in the GetParametersForImport request.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The time at which the import token and public key are no longer valid. After
 | |
| 	// this time, you cannot use them to make an ImportKeyMaterial request and you
 | |
| 	// must send another GetParametersForImport request to get new ones.
 | |
| 	ParametersValidTo *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| 
 | |
| 	// The public key to use to encrypt the key material before importing it with
 | |
| 	// ImportKeyMaterial.
 | |
| 	//
 | |
| 	// PublicKey is automatically base64 encoded/decoded by the SDK.
 | |
| 	PublicKey []byte `min:"1" type:"blob"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GetParametersForImportOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GetParametersForImportOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetImportToken sets the ImportToken field's value.
 | |
| func (s *GetParametersForImportOutput) SetImportToken(v []byte) *GetParametersForImportOutput {
 | |
| 	s.ImportToken = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GetParametersForImportOutput) SetKeyId(v string) *GetParametersForImportOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetParametersValidTo sets the ParametersValidTo field's value.
 | |
| func (s *GetParametersForImportOutput) SetParametersValidTo(v time.Time) *GetParametersForImportOutput {
 | |
| 	s.ParametersValidTo = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPublicKey sets the PublicKey field's value.
 | |
| func (s *GetParametersForImportOutput) SetPublicKey(v []byte) *GetParametersForImportOutput {
 | |
| 	s.PublicKey = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // A structure that you can use to allow certain operations in the grant only
 | |
| // when the desired encryption context is present. For more information about
 | |
| // encryption context, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 | |
| // in the AWS Key Management Service Developer Guide.
 | |
| //
 | |
| // Grant constraints apply only to operations that accept encryption context
 | |
| // as input. For example, the DescribeKey operation does not accept encryption
 | |
| // context as input. A grant that allows the DescribeKey operation does so regardless
 | |
| // of the grant constraints. In constrast, the Encrypt operation accepts encryption
 | |
| // context as input. A grant that allows the Encrypt operation does so only
 | |
| // when the encryption context of the Encrypt operation satisfies the grant
 | |
| // constraints.
 | |
| type GrantConstraints struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A list of key-value pairs that must be present in the encryption context
 | |
| 	// of certain subsequent operations that the grant allows. When certain subsequent
 | |
| 	// operations allowed by the grant include encryption context that matches this
 | |
| 	// list, the grant allows the operation. Otherwise, the grant does not allow
 | |
| 	// the operation.
 | |
| 	EncryptionContextEquals map[string]*string `type:"map"`
 | |
| 
 | |
| 	// A list of key-value pairs, all of which must be present in the encryption
 | |
| 	// context of certain subsequent operations that the grant allows. When certain
 | |
| 	// subsequent operations allowed by the grant include encryption context that
 | |
| 	// matches this list or is a superset of this list, the grant allows the operation.
 | |
| 	// Otherwise, the grant does not allow the operation.
 | |
| 	EncryptionContextSubset map[string]*string `type:"map"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GrantConstraints) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GrantConstraints) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetEncryptionContextEquals sets the EncryptionContextEquals field's value.
 | |
| func (s *GrantConstraints) SetEncryptionContextEquals(v map[string]*string) *GrantConstraints {
 | |
| 	s.EncryptionContextEquals = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetEncryptionContextSubset sets the EncryptionContextSubset field's value.
 | |
| func (s *GrantConstraints) SetEncryptionContextSubset(v map[string]*string) *GrantConstraints {
 | |
| 	s.EncryptionContextSubset = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // Contains information about an entry in a list of grants.
 | |
| type GrantListEntry struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A list of key-value pairs that must be present in the encryption context
 | |
| 	// of certain subsequent operations that the grant allows.
 | |
| 	Constraints *GrantConstraints `type:"structure"`
 | |
| 
 | |
| 	// The date and time when the grant was created.
 | |
| 	CreationDate *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| 
 | |
| 	// The unique identifier for the grant.
 | |
| 	GrantId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The principal that receives the grant's permissions.
 | |
| 	GranteePrincipal *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The AWS account under which the grant was issued.
 | |
| 	IssuingAccount *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The unique identifier for the customer master key (CMK) to which the grant
 | |
| 	// applies.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The friendly name that identifies the grant. If a name was provided in the
 | |
| 	// CreateGrant request, that name is returned. Otherwise this value is null.
 | |
| 	Name *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The list of operations permitted by the grant.
 | |
| 	Operations []*string `type:"list"`
 | |
| 
 | |
| 	// The principal that can retire the grant.
 | |
| 	RetiringPrincipal *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s GrantListEntry) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s GrantListEntry) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetConstraints sets the Constraints field's value.
 | |
| func (s *GrantListEntry) SetConstraints(v *GrantConstraints) *GrantListEntry {
 | |
| 	s.Constraints = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetCreationDate sets the CreationDate field's value.
 | |
| func (s *GrantListEntry) SetCreationDate(v time.Time) *GrantListEntry {
 | |
| 	s.CreationDate = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantId sets the GrantId field's value.
 | |
| func (s *GrantListEntry) SetGrantId(v string) *GrantListEntry {
 | |
| 	s.GrantId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGranteePrincipal sets the GranteePrincipal field's value.
 | |
| func (s *GrantListEntry) SetGranteePrincipal(v string) *GrantListEntry {
 | |
| 	s.GranteePrincipal = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetIssuingAccount sets the IssuingAccount field's value.
 | |
| func (s *GrantListEntry) SetIssuingAccount(v string) *GrantListEntry {
 | |
| 	s.IssuingAccount = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *GrantListEntry) SetKeyId(v string) *GrantListEntry {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetName sets the Name field's value.
 | |
| func (s *GrantListEntry) SetName(v string) *GrantListEntry {
 | |
| 	s.Name = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetOperations sets the Operations field's value.
 | |
| func (s *GrantListEntry) SetOperations(v []*string) *GrantListEntry {
 | |
| 	s.Operations = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetRetiringPrincipal sets the RetiringPrincipal field's value.
 | |
| func (s *GrantListEntry) SetRetiringPrincipal(v string) *GrantListEntry {
 | |
| 	s.RetiringPrincipal = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ImportKeyMaterialInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The encrypted key material to import. It must be encrypted with the public
 | |
| 	// key that you received in the response to a previous GetParametersForImport
 | |
| 	// request, using the wrapping algorithm that you specified in that request.
 | |
| 	//
 | |
| 	// EncryptedKeyMaterial is automatically base64 encoded/decoded by the SDK.
 | |
| 	//
 | |
| 	// EncryptedKeyMaterial is a required field
 | |
| 	EncryptedKeyMaterial []byte `min:"1" type:"blob" required:"true"`
 | |
| 
 | |
| 	// Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES,
 | |
| 	// in which case you must include the ValidTo parameter. When this parameter
 | |
| 	// is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.
 | |
| 	ExpirationModel *string `type:"string" enum:"ExpirationModelType"`
 | |
| 
 | |
| 	// The import token that you received in the response to a previous GetParametersForImport
 | |
| 	// request. It must be from the same response that contained the public key
 | |
| 	// that you used to encrypt the key material.
 | |
| 	//
 | |
| 	// ImportToken is automatically base64 encoded/decoded by the SDK.
 | |
| 	//
 | |
| 	// ImportToken is a required field
 | |
| 	ImportToken []byte `min:"1" type:"blob" required:"true"`
 | |
| 
 | |
| 	// The identifier of the CMK to import the key material into. The CMK's Origin
 | |
| 	// must be EXTERNAL.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The time at which the imported key material expires. When the key material
 | |
| 	// expires, AWS KMS deletes the key material and the CMK becomes unusable. You
 | |
| 	// must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE.
 | |
| 	// Otherwise it is required.
 | |
| 	ValidTo *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ImportKeyMaterialInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ImportKeyMaterialInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ImportKeyMaterialInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ImportKeyMaterialInput"}
 | |
| 	if s.EncryptedKeyMaterial == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("EncryptedKeyMaterial"))
 | |
| 	}
 | |
| 	if s.EncryptedKeyMaterial != nil && len(s.EncryptedKeyMaterial) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("EncryptedKeyMaterial", 1))
 | |
| 	}
 | |
| 	if s.ImportToken == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("ImportToken"))
 | |
| 	}
 | |
| 	if s.ImportToken != nil && len(s.ImportToken) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("ImportToken", 1))
 | |
| 	}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetEncryptedKeyMaterial sets the EncryptedKeyMaterial field's value.
 | |
| func (s *ImportKeyMaterialInput) SetEncryptedKeyMaterial(v []byte) *ImportKeyMaterialInput {
 | |
| 	s.EncryptedKeyMaterial = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetExpirationModel sets the ExpirationModel field's value.
 | |
| func (s *ImportKeyMaterialInput) SetExpirationModel(v string) *ImportKeyMaterialInput {
 | |
| 	s.ExpirationModel = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetImportToken sets the ImportToken field's value.
 | |
| func (s *ImportKeyMaterialInput) SetImportToken(v []byte) *ImportKeyMaterialInput {
 | |
| 	s.ImportToken = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ImportKeyMaterialInput) SetKeyId(v string) *ImportKeyMaterialInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetValidTo sets the ValidTo field's value.
 | |
| func (s *ImportKeyMaterialInput) SetValidTo(v time.Time) *ImportKeyMaterialInput {
 | |
| 	s.ValidTo = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ImportKeyMaterialOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ImportKeyMaterialOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ImportKeyMaterialOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Contains information about each entry in the key list.
 | |
| type KeyListEntry struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// ARN of the key.
 | |
| 	KeyArn *string `min:"20" type:"string"`
 | |
| 
 | |
| 	// Unique identifier of the key.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s KeyListEntry) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s KeyListEntry) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeyArn sets the KeyArn field's value.
 | |
| func (s *KeyListEntry) SetKeyArn(v string) *KeyListEntry {
 | |
| 	s.KeyArn = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *KeyListEntry) SetKeyId(v string) *KeyListEntry {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // Contains metadata about a customer master key (CMK).
 | |
| //
 | |
| // This data type is used as a response element for the CreateKey and DescribeKey
 | |
| // operations.
 | |
| type KeyMetadata struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The twelve-digit account ID of the AWS account that owns the CMK.
 | |
| 	AWSAccountId *string `type:"string"`
 | |
| 
 | |
| 	// The Amazon Resource Name (ARN) of the CMK. For examples, see AWS Key Management
 | |
| 	// Service (AWS KMS) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms)
 | |
| 	// in the Example ARNs section of the AWS General Reference.
 | |
| 	Arn *string `min:"20" type:"string"`
 | |
| 
 | |
| 	// The date and time when the CMK was created.
 | |
| 	CreationDate *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| 
 | |
| 	// The date and time after which AWS KMS deletes the CMK. This value is present
 | |
| 	// only when KeyState is PendingDeletion, otherwise this value is omitted.
 | |
| 	DeletionDate *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| 
 | |
| 	// The description of the CMK.
 | |
| 	Description *string `type:"string"`
 | |
| 
 | |
| 	// Specifies whether the CMK is enabled. When KeyState is Enabled this value
 | |
| 	// is true, otherwise it is false.
 | |
| 	Enabled *bool `type:"boolean"`
 | |
| 
 | |
| 	// Specifies whether the CMK's key material expires. This value is present only
 | |
| 	// when Origin is EXTERNAL, otherwise this value is omitted.
 | |
| 	ExpirationModel *string `type:"string" enum:"ExpirationModelType"`
 | |
| 
 | |
| 	// The globally unique identifier for the CMK.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The CMK's manager. CMKs are either customer-managed or AWS-managed. For more
 | |
| 	// information about the difference, see Customer Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	KeyManager *string `type:"string" enum:"KeyManagerType"`
 | |
| 
 | |
| 	// The state of the CMK.
 | |
| 	//
 | |
| 	// For more information about how key state affects the use of a CMK, see How
 | |
| 	// Key State Affects the Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	KeyState *string `type:"string" enum:"KeyState"`
 | |
| 
 | |
| 	// The cryptographic operations for which you can use the CMK. Currently the
 | |
| 	// only allowed value is ENCRYPT_DECRYPT, which means you can use the CMK for
 | |
| 	// the Encrypt and Decrypt operations.
 | |
| 	KeyUsage *string `type:"string" enum:"KeyUsageType"`
 | |
| 
 | |
| 	// The source of the CMK's key material. When this value is AWS_KMS, AWS KMS
 | |
| 	// created the key material. When this value is EXTERNAL, the key material was
 | |
| 	// imported from your existing key management infrastructure or the CMK lacks
 | |
| 	// key material.
 | |
| 	Origin *string `type:"string" enum:"OriginType"`
 | |
| 
 | |
| 	// The time at which the imported key material expires. When the key material
 | |
| 	// expires, AWS KMS deletes the key material and the CMK becomes unusable. This
 | |
| 	// value is present only for CMKs whose Origin is EXTERNAL and whose ExpirationModel
 | |
| 	// is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.
 | |
| 	ValidTo *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s KeyMetadata) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s KeyMetadata) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetAWSAccountId sets the AWSAccountId field's value.
 | |
| func (s *KeyMetadata) SetAWSAccountId(v string) *KeyMetadata {
 | |
| 	s.AWSAccountId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetArn sets the Arn field's value.
 | |
| func (s *KeyMetadata) SetArn(v string) *KeyMetadata {
 | |
| 	s.Arn = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetCreationDate sets the CreationDate field's value.
 | |
| func (s *KeyMetadata) SetCreationDate(v time.Time) *KeyMetadata {
 | |
| 	s.CreationDate = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetDeletionDate sets the DeletionDate field's value.
 | |
| func (s *KeyMetadata) SetDeletionDate(v time.Time) *KeyMetadata {
 | |
| 	s.DeletionDate = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetDescription sets the Description field's value.
 | |
| func (s *KeyMetadata) SetDescription(v string) *KeyMetadata {
 | |
| 	s.Description = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetEnabled sets the Enabled field's value.
 | |
| func (s *KeyMetadata) SetEnabled(v bool) *KeyMetadata {
 | |
| 	s.Enabled = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetExpirationModel sets the ExpirationModel field's value.
 | |
| func (s *KeyMetadata) SetExpirationModel(v string) *KeyMetadata {
 | |
| 	s.ExpirationModel = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *KeyMetadata) SetKeyId(v string) *KeyMetadata {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyManager sets the KeyManager field's value.
 | |
| func (s *KeyMetadata) SetKeyManager(v string) *KeyMetadata {
 | |
| 	s.KeyManager = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyState sets the KeyState field's value.
 | |
| func (s *KeyMetadata) SetKeyState(v string) *KeyMetadata {
 | |
| 	s.KeyState = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyUsage sets the KeyUsage field's value.
 | |
| func (s *KeyMetadata) SetKeyUsage(v string) *KeyMetadata {
 | |
| 	s.KeyUsage = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetOrigin sets the Origin field's value.
 | |
| func (s *KeyMetadata) SetOrigin(v string) *KeyMetadata {
 | |
| 	s.Origin = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetValidTo sets the ValidTo field's value.
 | |
| func (s *KeyMetadata) SetValidTo(v time.Time) *KeyMetadata {
 | |
| 	s.ValidTo = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListAliasesInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Use this parameter to specify the maximum number of items to return. When
 | |
| 	// this value is present, AWS KMS does not return more than the specified number
 | |
| 	// of items, but it might return fewer.
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 1 and
 | |
| 	// 100, inclusive. If you do not include a value, it defaults to 50.
 | |
| 	Limit *int64 `min:"1" type:"integer"`
 | |
| 
 | |
| 	// Use this parameter in a subsequent request after you receive a response with
 | |
| 	// truncated results. Set it to the value of NextMarker from the truncated response
 | |
| 	// you just received.
 | |
| 	Marker *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListAliasesInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListAliasesInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ListAliasesInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ListAliasesInput"}
 | |
| 	if s.Limit != nil && *s.Limit < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 | |
| 	}
 | |
| 	if s.Marker != nil && len(*s.Marker) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetLimit sets the Limit field's value.
 | |
| func (s *ListAliasesInput) SetLimit(v int64) *ListAliasesInput {
 | |
| 	s.Limit = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetMarker sets the Marker field's value.
 | |
| func (s *ListAliasesInput) SetMarker(v string) *ListAliasesInput {
 | |
| 	s.Marker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListAliasesOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A list of aliases.
 | |
| 	Aliases []*AliasListEntry `type:"list"`
 | |
| 
 | |
| 	// When Truncated is true, this element is present and contains the value to
 | |
| 	// use for the Marker parameter in a subsequent request.
 | |
| 	NextMarker *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// A flag that indicates whether there are more items in the list. When this
 | |
| 	// value is true, the list in this response is truncated. To get more items,
 | |
| 	// pass the value of the NextMarker element in this response to the Marker parameter
 | |
| 	// in a subsequent request.
 | |
| 	Truncated *bool `type:"boolean"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListAliasesOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListAliasesOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetAliases sets the Aliases field's value.
 | |
| func (s *ListAliasesOutput) SetAliases(v []*AliasListEntry) *ListAliasesOutput {
 | |
| 	s.Aliases = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetNextMarker sets the NextMarker field's value.
 | |
| func (s *ListAliasesOutput) SetNextMarker(v string) *ListAliasesOutput {
 | |
| 	s.NextMarker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTruncated sets the Truncated field's value.
 | |
| func (s *ListAliasesOutput) SetTruncated(v bool) *ListAliasesOutput {
 | |
| 	s.Truncated = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListGrantsInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Use this parameter to specify the maximum number of items to return. When
 | |
| 	// this value is present, AWS KMS does not return more than the specified number
 | |
| 	// of items, but it might return fewer.
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 1 and
 | |
| 	// 100, inclusive. If you do not include a value, it defaults to 50.
 | |
| 	Limit *int64 `min:"1" type:"integer"`
 | |
| 
 | |
| 	// Use this parameter in a subsequent request after you receive a response with
 | |
| 	// truncated results. Set it to the value of NextMarker from the truncated response
 | |
| 	// you just received.
 | |
| 	Marker *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListGrantsInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListGrantsInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ListGrantsInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ListGrantsInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Limit != nil && *s.Limit < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 | |
| 	}
 | |
| 	if s.Marker != nil && len(*s.Marker) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ListGrantsInput) SetKeyId(v string) *ListGrantsInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetLimit sets the Limit field's value.
 | |
| func (s *ListGrantsInput) SetLimit(v int64) *ListGrantsInput {
 | |
| 	s.Limit = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetMarker sets the Marker field's value.
 | |
| func (s *ListGrantsInput) SetMarker(v string) *ListGrantsInput {
 | |
| 	s.Marker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListGrantsResponse struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A list of grants.
 | |
| 	Grants []*GrantListEntry `type:"list"`
 | |
| 
 | |
| 	// When Truncated is true, this element is present and contains the value to
 | |
| 	// use for the Marker parameter in a subsequent request.
 | |
| 	NextMarker *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// A flag that indicates whether there are more items in the list. When this
 | |
| 	// value is true, the list in this response is truncated. To get more items,
 | |
| 	// pass the value of the NextMarker element in this response to the Marker parameter
 | |
| 	// in a subsequent request.
 | |
| 	Truncated *bool `type:"boolean"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListGrantsResponse) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListGrantsResponse) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetGrants sets the Grants field's value.
 | |
| func (s *ListGrantsResponse) SetGrants(v []*GrantListEntry) *ListGrantsResponse {
 | |
| 	s.Grants = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetNextMarker sets the NextMarker field's value.
 | |
| func (s *ListGrantsResponse) SetNextMarker(v string) *ListGrantsResponse {
 | |
| 	s.NextMarker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTruncated sets the Truncated field's value.
 | |
| func (s *ListGrantsResponse) SetTruncated(v bool) *ListGrantsResponse {
 | |
| 	s.Truncated = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListKeyPoliciesInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Use this parameter to specify the maximum number of items to return. When
 | |
| 	// this value is present, AWS KMS does not return more than the specified number
 | |
| 	// of items, but it might return fewer.
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 1 and
 | |
| 	// 1000, inclusive. If you do not include a value, it defaults to 100.
 | |
| 	//
 | |
| 	// Currently only 1 policy can be attached to a key.
 | |
| 	Limit *int64 `min:"1" type:"integer"`
 | |
| 
 | |
| 	// Use this parameter in a subsequent request after you receive a response with
 | |
| 	// truncated results. Set it to the value of NextMarker from the truncated response
 | |
| 	// you just received.
 | |
| 	Marker *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListKeyPoliciesInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListKeyPoliciesInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ListKeyPoliciesInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ListKeyPoliciesInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Limit != nil && *s.Limit < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 | |
| 	}
 | |
| 	if s.Marker != nil && len(*s.Marker) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ListKeyPoliciesInput) SetKeyId(v string) *ListKeyPoliciesInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetLimit sets the Limit field's value.
 | |
| func (s *ListKeyPoliciesInput) SetLimit(v int64) *ListKeyPoliciesInput {
 | |
| 	s.Limit = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetMarker sets the Marker field's value.
 | |
| func (s *ListKeyPoliciesInput) SetMarker(v string) *ListKeyPoliciesInput {
 | |
| 	s.Marker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListKeyPoliciesOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// When Truncated is true, this element is present and contains the value to
 | |
| 	// use for the Marker parameter in a subsequent request.
 | |
| 	NextMarker *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// A list of key policy names. Currently, there is only one key policy per CMK
 | |
| 	// and it is always named default.
 | |
| 	PolicyNames []*string `type:"list"`
 | |
| 
 | |
| 	// A flag that indicates whether there are more items in the list. When this
 | |
| 	// value is true, the list in this response is truncated. To get more items,
 | |
| 	// pass the value of the NextMarker element in this response to the Marker parameter
 | |
| 	// in a subsequent request.
 | |
| 	Truncated *bool `type:"boolean"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListKeyPoliciesOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListKeyPoliciesOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetNextMarker sets the NextMarker field's value.
 | |
| func (s *ListKeyPoliciesOutput) SetNextMarker(v string) *ListKeyPoliciesOutput {
 | |
| 	s.NextMarker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPolicyNames sets the PolicyNames field's value.
 | |
| func (s *ListKeyPoliciesOutput) SetPolicyNames(v []*string) *ListKeyPoliciesOutput {
 | |
| 	s.PolicyNames = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTruncated sets the Truncated field's value.
 | |
| func (s *ListKeyPoliciesOutput) SetTruncated(v bool) *ListKeyPoliciesOutput {
 | |
| 	s.Truncated = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListKeysInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Use this parameter to specify the maximum number of items to return. When
 | |
| 	// this value is present, AWS KMS does not return more than the specified number
 | |
| 	// of items, but it might return fewer.
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 1 and
 | |
| 	// 1000, inclusive. If you do not include a value, it defaults to 100.
 | |
| 	Limit *int64 `min:"1" type:"integer"`
 | |
| 
 | |
| 	// Use this parameter in a subsequent request after you receive a response with
 | |
| 	// truncated results. Set it to the value of NextMarker from the truncated response
 | |
| 	// you just received.
 | |
| 	Marker *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListKeysInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListKeysInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ListKeysInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ListKeysInput"}
 | |
| 	if s.Limit != nil && *s.Limit < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 | |
| 	}
 | |
| 	if s.Marker != nil && len(*s.Marker) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetLimit sets the Limit field's value.
 | |
| func (s *ListKeysInput) SetLimit(v int64) *ListKeysInput {
 | |
| 	s.Limit = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetMarker sets the Marker field's value.
 | |
| func (s *ListKeysInput) SetMarker(v string) *ListKeysInput {
 | |
| 	s.Marker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListKeysOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A list of customer master keys (CMKs).
 | |
| 	Keys []*KeyListEntry `type:"list"`
 | |
| 
 | |
| 	// When Truncated is true, this element is present and contains the value to
 | |
| 	// use for the Marker parameter in a subsequent request.
 | |
| 	NextMarker *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// A flag that indicates whether there are more items in the list. When this
 | |
| 	// value is true, the list in this response is truncated. To get more items,
 | |
| 	// pass the value of the NextMarker element in this response to the Marker parameter
 | |
| 	// in a subsequent request.
 | |
| 	Truncated *bool `type:"boolean"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListKeysOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListKeysOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetKeys sets the Keys field's value.
 | |
| func (s *ListKeysOutput) SetKeys(v []*KeyListEntry) *ListKeysOutput {
 | |
| 	s.Keys = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetNextMarker sets the NextMarker field's value.
 | |
| func (s *ListKeysOutput) SetNextMarker(v string) *ListKeysOutput {
 | |
| 	s.NextMarker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTruncated sets the Truncated field's value.
 | |
| func (s *ListKeysOutput) SetTruncated(v bool) *ListKeysOutput {
 | |
| 	s.Truncated = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListResourceTagsInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Use this parameter to specify the maximum number of items to return. When
 | |
| 	// this value is present, AWS KMS does not return more than the specified number
 | |
| 	// of items, but it might return fewer.
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 1 and
 | |
| 	// 50, inclusive. If you do not include a value, it defaults to 50.
 | |
| 	Limit *int64 `min:"1" type:"integer"`
 | |
| 
 | |
| 	// Use this parameter in a subsequent request after you receive a response with
 | |
| 	// truncated results. Set it to the value of NextMarker from the truncated response
 | |
| 	// you just received.
 | |
| 	//
 | |
| 	// Do not attempt to construct this value. Use only the value of NextMarker
 | |
| 	// from the truncated response you just received.
 | |
| 	Marker *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListResourceTagsInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListResourceTagsInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ListResourceTagsInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ListResourceTagsInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Limit != nil && *s.Limit < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 | |
| 	}
 | |
| 	if s.Marker != nil && len(*s.Marker) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ListResourceTagsInput) SetKeyId(v string) *ListResourceTagsInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetLimit sets the Limit field's value.
 | |
| func (s *ListResourceTagsInput) SetLimit(v int64) *ListResourceTagsInput {
 | |
| 	s.Limit = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetMarker sets the Marker field's value.
 | |
| func (s *ListResourceTagsInput) SetMarker(v string) *ListResourceTagsInput {
 | |
| 	s.Marker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListResourceTagsOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// When Truncated is true, this element is present and contains the value to
 | |
| 	// use for the Marker parameter in a subsequent request.
 | |
| 	//
 | |
| 	// Do not assume or infer any information from this value.
 | |
| 	NextMarker *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// A list of tags. Each tag consists of a tag key and a tag value.
 | |
| 	Tags []*Tag `type:"list"`
 | |
| 
 | |
| 	// A flag that indicates whether there are more items in the list. When this
 | |
| 	// value is true, the list in this response is truncated. To get more items,
 | |
| 	// pass the value of the NextMarker element in this response to the Marker parameter
 | |
| 	// in a subsequent request.
 | |
| 	Truncated *bool `type:"boolean"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListResourceTagsOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListResourceTagsOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetNextMarker sets the NextMarker field's value.
 | |
| func (s *ListResourceTagsOutput) SetNextMarker(v string) *ListResourceTagsOutput {
 | |
| 	s.NextMarker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTags sets the Tags field's value.
 | |
| func (s *ListResourceTagsOutput) SetTags(v []*Tag) *ListResourceTagsOutput {
 | |
| 	s.Tags = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTruncated sets the Truncated field's value.
 | |
| func (s *ListResourceTagsOutput) SetTruncated(v bool) *ListResourceTagsOutput {
 | |
| 	s.Truncated = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ListRetirableGrantsInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Use this parameter to specify the maximum number of items to return. When
 | |
| 	// this value is present, AWS KMS does not return more than the specified number
 | |
| 	// of items, but it might return fewer.
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 1 and
 | |
| 	// 100, inclusive. If you do not include a value, it defaults to 50.
 | |
| 	Limit *int64 `min:"1" type:"integer"`
 | |
| 
 | |
| 	// Use this parameter in a subsequent request after you receive a response with
 | |
| 	// truncated results. Set it to the value of NextMarker from the truncated response
 | |
| 	// you just received.
 | |
| 	Marker *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The retiring principal for which to list grants.
 | |
| 	//
 | |
| 	// To specify the retiring principal, use the Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 | |
| 	// of an AWS principal. Valid AWS principals include AWS accounts (root), IAM
 | |
| 	// users, federated users, and assumed role users. For examples of the ARN syntax
 | |
| 	// for specifying a principal, see AWS Identity and Access Management (IAM)
 | |
| 	// (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam)
 | |
| 	// in the Example ARNs section of the Amazon Web Services General Reference.
 | |
| 	//
 | |
| 	// RetiringPrincipal is a required field
 | |
| 	RetiringPrincipal *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ListRetirableGrantsInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ListRetirableGrantsInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ListRetirableGrantsInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ListRetirableGrantsInput"}
 | |
| 	if s.Limit != nil && *s.Limit < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 | |
| 	}
 | |
| 	if s.Marker != nil && len(*s.Marker) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 | |
| 	}
 | |
| 	if s.RetiringPrincipal == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("RetiringPrincipal"))
 | |
| 	}
 | |
| 	if s.RetiringPrincipal != nil && len(*s.RetiringPrincipal) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("RetiringPrincipal", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetLimit sets the Limit field's value.
 | |
| func (s *ListRetirableGrantsInput) SetLimit(v int64) *ListRetirableGrantsInput {
 | |
| 	s.Limit = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetMarker sets the Marker field's value.
 | |
| func (s *ListRetirableGrantsInput) SetMarker(v string) *ListRetirableGrantsInput {
 | |
| 	s.Marker = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetRetiringPrincipal sets the RetiringPrincipal field's value.
 | |
| func (s *ListRetirableGrantsInput) SetRetiringPrincipal(v string) *ListRetirableGrantsInput {
 | |
| 	s.RetiringPrincipal = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type PutKeyPolicyInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A flag to indicate whether to bypass the key policy lockout safety check.
 | |
| 	//
 | |
| 	// Setting this value to true increases the risk that the CMK becomes unmanageable.
 | |
| 	// Do not set this value to true indiscriminately.
 | |
| 	//
 | |
| 	// For more information, refer to the scenario in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
 | |
| 	// section in the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	// Use this parameter only when you intend to prevent the principal that is
 | |
| 	// making the request from making a subsequent PutKeyPolicy request on the CMK.
 | |
| 	//
 | |
| 	// The default value is false.
 | |
| 	BypassPolicyLockoutSafetyCheck *bool `type:"boolean"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The key policy to attach to the CMK.
 | |
| 	//
 | |
| 	// The key policy must meet the following criteria:
 | |
| 	//
 | |
| 	//    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy
 | |
| 	//    must allow the principal that is making the PutKeyPolicy request to make
 | |
| 	//    a subsequent PutKeyPolicy request on the CMK. This reduces the risk that
 | |
| 	//    the CMK becomes unmanageable. For more information, refer to the scenario
 | |
| 	//    in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
 | |
| 	//    section of the AWS Key Management Service Developer Guide.
 | |
| 	//
 | |
| 	//    * Each statement in the key policy must contain one or more principals.
 | |
| 	//    The principals in the key policy must exist and be visible to AWS KMS.
 | |
| 	//    When you create a new AWS principal (for example, an IAM user or role),
 | |
| 	//    you might need to enforce a delay before including the new principal in
 | |
| 	//    a key policy because the new principal might not be immediately visible
 | |
| 	//    to AWS KMS. For more information, see Changes that I make are not always
 | |
| 	//    immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 | |
| 	//    in the AWS Identity and Access Management User Guide.
 | |
| 	//
 | |
| 	// The key policy size limit is 32 kilobytes (32768 bytes).
 | |
| 	//
 | |
| 	// Policy is a required field
 | |
| 	Policy *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The name of the key policy. The only valid value is default.
 | |
| 	//
 | |
| 	// PolicyName is a required field
 | |
| 	PolicyName *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s PutKeyPolicyInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s PutKeyPolicyInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *PutKeyPolicyInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "PutKeyPolicyInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Policy == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("Policy"))
 | |
| 	}
 | |
| 	if s.Policy != nil && len(*s.Policy) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("Policy", 1))
 | |
| 	}
 | |
| 	if s.PolicyName == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 | |
| 	}
 | |
| 	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetBypassPolicyLockoutSafetyCheck sets the BypassPolicyLockoutSafetyCheck field's value.
 | |
| func (s *PutKeyPolicyInput) SetBypassPolicyLockoutSafetyCheck(v bool) *PutKeyPolicyInput {
 | |
| 	s.BypassPolicyLockoutSafetyCheck = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *PutKeyPolicyInput) SetKeyId(v string) *PutKeyPolicyInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPolicy sets the Policy field's value.
 | |
| func (s *PutKeyPolicyInput) SetPolicy(v string) *PutKeyPolicyInput {
 | |
| 	s.Policy = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPolicyName sets the PolicyName field's value.
 | |
| func (s *PutKeyPolicyInput) SetPolicyName(v string) *PutKeyPolicyInput {
 | |
| 	s.PolicyName = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type PutKeyPolicyOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s PutKeyPolicyOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s PutKeyPolicyOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type ReEncryptInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Ciphertext of the data to reencrypt.
 | |
| 	//
 | |
| 	// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
 | |
| 	//
 | |
| 	// CiphertextBlob is a required field
 | |
| 	CiphertextBlob []byte `min:"1" type:"blob" required:"true"`
 | |
| 
 | |
| 	// Encryption context to use when the data is reencrypted.
 | |
| 	DestinationEncryptionContext map[string]*string `type:"map"`
 | |
| 
 | |
| 	// A unique identifier for the CMK that is used to reencrypt the data.
 | |
| 	//
 | |
| 	// To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name,
 | |
| 	// or alias ARN. When using an alias name, prefix it with "alias/". To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN or alias ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Alias name: alias/ExampleAlias
 | |
| 	//
 | |
| 	//    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To
 | |
| 	// get the alias name and alias ARN, use ListAliases.
 | |
| 	//
 | |
| 	// DestinationKeyId is a required field
 | |
| 	DestinationKeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// A list of grant tokens.
 | |
| 	//
 | |
| 	// For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token)
 | |
| 	// in the AWS Key Management Service Developer Guide.
 | |
| 	GrantTokens []*string `type:"list"`
 | |
| 
 | |
| 	// Encryption context used to encrypt and decrypt the data specified in the
 | |
| 	// CiphertextBlob parameter.
 | |
| 	SourceEncryptionContext map[string]*string `type:"map"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ReEncryptInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ReEncryptInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ReEncryptInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ReEncryptInput"}
 | |
| 	if s.CiphertextBlob == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("CiphertextBlob"))
 | |
| 	}
 | |
| 	if s.CiphertextBlob != nil && len(s.CiphertextBlob) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("CiphertextBlob", 1))
 | |
| 	}
 | |
| 	if s.DestinationKeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("DestinationKeyId"))
 | |
| 	}
 | |
| 	if s.DestinationKeyId != nil && len(*s.DestinationKeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("DestinationKeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetCiphertextBlob sets the CiphertextBlob field's value.
 | |
| func (s *ReEncryptInput) SetCiphertextBlob(v []byte) *ReEncryptInput {
 | |
| 	s.CiphertextBlob = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetDestinationEncryptionContext sets the DestinationEncryptionContext field's value.
 | |
| func (s *ReEncryptInput) SetDestinationEncryptionContext(v map[string]*string) *ReEncryptInput {
 | |
| 	s.DestinationEncryptionContext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetDestinationKeyId sets the DestinationKeyId field's value.
 | |
| func (s *ReEncryptInput) SetDestinationKeyId(v string) *ReEncryptInput {
 | |
| 	s.DestinationKeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantTokens sets the GrantTokens field's value.
 | |
| func (s *ReEncryptInput) SetGrantTokens(v []*string) *ReEncryptInput {
 | |
| 	s.GrantTokens = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetSourceEncryptionContext sets the SourceEncryptionContext field's value.
 | |
| func (s *ReEncryptInput) SetSourceEncryptionContext(v map[string]*string) *ReEncryptInput {
 | |
| 	s.SourceEncryptionContext = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ReEncryptOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The reencrypted data. When you use the HTTP API or the AWS CLI, the value
 | |
| 	// is Base64-encoded. Otherwise, it is not encoded.
 | |
| 	//
 | |
| 	// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
 | |
| 	CiphertextBlob []byte `min:"1" type:"blob"`
 | |
| 
 | |
| 	// Unique identifier of the CMK used to reencrypt the data.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// Unique identifier of the CMK used to originally encrypt the data.
 | |
| 	SourceKeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ReEncryptOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ReEncryptOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetCiphertextBlob sets the CiphertextBlob field's value.
 | |
| func (s *ReEncryptOutput) SetCiphertextBlob(v []byte) *ReEncryptOutput {
 | |
| 	s.CiphertextBlob = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ReEncryptOutput) SetKeyId(v string) *ReEncryptOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetSourceKeyId sets the SourceKeyId field's value.
 | |
| func (s *ReEncryptOutput) SetSourceKeyId(v string) *ReEncryptOutput {
 | |
| 	s.SourceKeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type RetireGrantInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Unique identifier of the grant to retire. The grant ID is returned in the
 | |
| 	// response to a CreateGrant operation.
 | |
| 	//
 | |
| 	//    * Grant ID Example - 0123456789012345678901234567890123456789012345678901234567890123
 | |
| 	GrantId *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// Token that identifies the grant to be retired.
 | |
| 	GrantToken *string `min:"1" type:"string"`
 | |
| 
 | |
| 	// The Amazon Resource Name (ARN) of the CMK associated with the grant.
 | |
| 	//
 | |
| 	// For example: arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s RetireGrantInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s RetireGrantInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *RetireGrantInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "RetireGrantInput"}
 | |
| 	if s.GrantId != nil && len(*s.GrantId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("GrantId", 1))
 | |
| 	}
 | |
| 	if s.GrantToken != nil && len(*s.GrantToken) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("GrantToken", 1))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetGrantId sets the GrantId field's value.
 | |
| func (s *RetireGrantInput) SetGrantId(v string) *RetireGrantInput {
 | |
| 	s.GrantId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetGrantToken sets the GrantToken field's value.
 | |
| func (s *RetireGrantInput) SetGrantToken(v string) *RetireGrantInput {
 | |
| 	s.GrantToken = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *RetireGrantInput) SetKeyId(v string) *RetireGrantInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type RetireGrantOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s RetireGrantOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s RetireGrantOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type RevokeGrantInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// Identifier of the grant to be revoked.
 | |
| 	//
 | |
| 	// GrantId is a required field
 | |
| 	GrantId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key associated with the grant.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify
 | |
| 	// a CMK in a different AWS account, you must use the key ARN.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s RevokeGrantInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s RevokeGrantInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *RevokeGrantInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "RevokeGrantInput"}
 | |
| 	if s.GrantId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("GrantId"))
 | |
| 	}
 | |
| 	if s.GrantId != nil && len(*s.GrantId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("GrantId", 1))
 | |
| 	}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetGrantId sets the GrantId field's value.
 | |
| func (s *RevokeGrantInput) SetGrantId(v string) *RevokeGrantInput {
 | |
| 	s.GrantId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *RevokeGrantInput) SetKeyId(v string) *RevokeGrantInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type RevokeGrantOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s RevokeGrantOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s RevokeGrantOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type ScheduleKeyDeletionInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The unique identifier of the customer master key (CMK) to delete.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The waiting period, specified in number of days. After the waiting period
 | |
| 	// ends, AWS KMS deletes the customer master key (CMK).
 | |
| 	//
 | |
| 	// This value is optional. If you include a value, it must be between 7 and
 | |
| 	// 30, inclusive. If you do not include a value, it defaults to 30.
 | |
| 	PendingWindowInDays *int64 `min:"1" type:"integer"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ScheduleKeyDeletionInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ScheduleKeyDeletionInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *ScheduleKeyDeletionInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "ScheduleKeyDeletionInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.PendingWindowInDays != nil && *s.PendingWindowInDays < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinValue("PendingWindowInDays", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ScheduleKeyDeletionInput) SetKeyId(v string) *ScheduleKeyDeletionInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetPendingWindowInDays sets the PendingWindowInDays field's value.
 | |
| func (s *ScheduleKeyDeletionInput) SetPendingWindowInDays(v int64) *ScheduleKeyDeletionInput {
 | |
| 	s.PendingWindowInDays = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type ScheduleKeyDeletionOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The date and time after which AWS KMS deletes the customer master key (CMK).
 | |
| 	DeletionDate *time.Time `type:"timestamp" timestampFormat:"unix"`
 | |
| 
 | |
| 	// The unique identifier of the customer master key (CMK) for which deletion
 | |
| 	// is scheduled.
 | |
| 	KeyId *string `min:"1" type:"string"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s ScheduleKeyDeletionOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s ScheduleKeyDeletionOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // SetDeletionDate sets the DeletionDate field's value.
 | |
| func (s *ScheduleKeyDeletionOutput) SetDeletionDate(v time.Time) *ScheduleKeyDeletionOutput {
 | |
| 	s.DeletionDate = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *ScheduleKeyDeletionOutput) SetKeyId(v string) *ScheduleKeyDeletionOutput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // A key-value pair. A tag consists of a tag key and a tag value. Tag keys and
 | |
| // tag values are both required, but tag values can be empty (null) strings.
 | |
| //
 | |
| // For information about the rules that apply to tag keys and tag values, see
 | |
| // User-Defined Tag Restrictions (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)
 | |
| // in the AWS Billing and Cost Management User Guide.
 | |
| type Tag struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// The key of the tag.
 | |
| 	//
 | |
| 	// TagKey is a required field
 | |
| 	TagKey *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// The value of the tag.
 | |
| 	//
 | |
| 	// TagValue is a required field
 | |
| 	TagValue *string `type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s Tag) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s Tag) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *Tag) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "Tag"}
 | |
| 	if s.TagKey == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("TagKey"))
 | |
| 	}
 | |
| 	if s.TagKey != nil && len(*s.TagKey) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("TagKey", 1))
 | |
| 	}
 | |
| 	if s.TagValue == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("TagValue"))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetTagKey sets the TagKey field's value.
 | |
| func (s *Tag) SetTagKey(v string) *Tag {
 | |
| 	s.TagKey = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTagValue sets the TagValue field's value.
 | |
| func (s *Tag) SetTagValue(v string) *Tag {
 | |
| 	s.TagValue = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type TagResourceInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the CMK you are tagging.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// One or more tags. Each tag consists of a tag key and a tag value.
 | |
| 	//
 | |
| 	// Tags is a required field
 | |
| 	Tags []*Tag `type:"list" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s TagResourceInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s TagResourceInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *TagResourceInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.Tags == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("Tags"))
 | |
| 	}
 | |
| 	if s.Tags != nil {
 | |
| 		for i, v := range s.Tags {
 | |
| 			if v == nil {
 | |
| 				continue
 | |
| 			}
 | |
| 			if err := v.Validate(); err != nil {
 | |
| 				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 | |
| 			}
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *TagResourceInput) SetKeyId(v string) *TagResourceInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTags sets the Tags field's value.
 | |
| func (s *TagResourceInput) SetTags(v []*Tag) *TagResourceInput {
 | |
| 	s.Tags = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type TagResourceOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s TagResourceOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s TagResourceOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type UntagResourceInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// A unique identifier for the CMK from which you are removing tags.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// One or more tag keys. Specify only the tag keys, not the tag values.
 | |
| 	//
 | |
| 	// TagKeys is a required field
 | |
| 	TagKeys []*string `type:"list" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s UntagResourceInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s UntagResourceInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *UntagResourceInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 	if s.TagKeys == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *UntagResourceInput) SetKeyId(v string) *UntagResourceInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTagKeys sets the TagKeys field's value.
 | |
| func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput {
 | |
| 	s.TagKeys = v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type UntagResourceOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s UntagResourceOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s UntagResourceOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type UpdateAliasInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// String that contains the name of the alias to be modified. The name must
 | |
| 	// start with the word "alias" followed by a forward slash (alias/). Aliases
 | |
| 	// that begin with "alias/aws" are reserved.
 | |
| 	//
 | |
| 	// AliasName is a required field
 | |
| 	AliasName *string `min:"1" type:"string" required:"true"`
 | |
| 
 | |
| 	// Unique identifier of the customer master key to be mapped to the alias.
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// To verify that the alias is mapped to the correct CMK, use ListAliases.
 | |
| 	//
 | |
| 	// TargetKeyId is a required field
 | |
| 	TargetKeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s UpdateAliasInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s UpdateAliasInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *UpdateAliasInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "UpdateAliasInput"}
 | |
| 	if s.AliasName == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("AliasName"))
 | |
| 	}
 | |
| 	if s.AliasName != nil && len(*s.AliasName) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("AliasName", 1))
 | |
| 	}
 | |
| 	if s.TargetKeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("TargetKeyId"))
 | |
| 	}
 | |
| 	if s.TargetKeyId != nil && len(*s.TargetKeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("TargetKeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetAliasName sets the AliasName field's value.
 | |
| func (s *UpdateAliasInput) SetAliasName(v string) *UpdateAliasInput {
 | |
| 	s.AliasName = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetTargetKeyId sets the TargetKeyId field's value.
 | |
| func (s *UpdateAliasInput) SetTargetKeyId(v string) *UpdateAliasInput {
 | |
| 	s.TargetKeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type UpdateAliasOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s UpdateAliasOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s UpdateAliasOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| type UpdateKeyDescriptionInput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| 
 | |
| 	// New description for the CMK.
 | |
| 	//
 | |
| 	// Description is a required field
 | |
| 	Description *string `type:"string" required:"true"`
 | |
| 
 | |
| 	// A unique identifier for the customer master key (CMK).
 | |
| 	//
 | |
| 	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
 | |
| 	//
 | |
| 	// For example:
 | |
| 	//
 | |
| 	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
 | |
| 	//
 | |
| 	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
 | |
| 	//
 | |
| 	// KeyId is a required field
 | |
| 	KeyId *string `min:"1" type:"string" required:"true"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s UpdateKeyDescriptionInput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s UpdateKeyDescriptionInput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| // Validate inspects the fields of the type to determine if they are valid.
 | |
| func (s *UpdateKeyDescriptionInput) Validate() error {
 | |
| 	invalidParams := request.ErrInvalidParams{Context: "UpdateKeyDescriptionInput"}
 | |
| 	if s.Description == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("Description"))
 | |
| 	}
 | |
| 	if s.KeyId == nil {
 | |
| 		invalidParams.Add(request.NewErrParamRequired("KeyId"))
 | |
| 	}
 | |
| 	if s.KeyId != nil && len(*s.KeyId) < 1 {
 | |
| 		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
 | |
| 	}
 | |
| 
 | |
| 	if invalidParams.Len() > 0 {
 | |
| 		return invalidParams
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // SetDescription sets the Description field's value.
 | |
| func (s *UpdateKeyDescriptionInput) SetDescription(v string) *UpdateKeyDescriptionInput {
 | |
| 	s.Description = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| // SetKeyId sets the KeyId field's value.
 | |
| func (s *UpdateKeyDescriptionInput) SetKeyId(v string) *UpdateKeyDescriptionInput {
 | |
| 	s.KeyId = &v
 | |
| 	return s
 | |
| }
 | |
| 
 | |
| type UpdateKeyDescriptionOutput struct {
 | |
| 	_ struct{} `type:"structure"`
 | |
| }
 | |
| 
 | |
| // String returns the string representation
 | |
| func (s UpdateKeyDescriptionOutput) String() string {
 | |
| 	return awsutil.Prettify(s)
 | |
| }
 | |
| 
 | |
| // GoString returns the string representation
 | |
| func (s UpdateKeyDescriptionOutput) GoString() string {
 | |
| 	return s.String()
 | |
| }
 | |
| 
 | |
| const (
 | |
| 	// AlgorithmSpecRsaesPkcs1V15 is a AlgorithmSpec enum value
 | |
| 	AlgorithmSpecRsaesPkcs1V15 = "RSAES_PKCS1_V1_5"
 | |
| 
 | |
| 	// AlgorithmSpecRsaesOaepSha1 is a AlgorithmSpec enum value
 | |
| 	AlgorithmSpecRsaesOaepSha1 = "RSAES_OAEP_SHA_1"
 | |
| 
 | |
| 	// AlgorithmSpecRsaesOaepSha256 is a AlgorithmSpec enum value
 | |
| 	AlgorithmSpecRsaesOaepSha256 = "RSAES_OAEP_SHA_256"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// DataKeySpecAes256 is a DataKeySpec enum value
 | |
| 	DataKeySpecAes256 = "AES_256"
 | |
| 
 | |
| 	// DataKeySpecAes128 is a DataKeySpec enum value
 | |
| 	DataKeySpecAes128 = "AES_128"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// ExpirationModelTypeKeyMaterialExpires is a ExpirationModelType enum value
 | |
| 	ExpirationModelTypeKeyMaterialExpires = "KEY_MATERIAL_EXPIRES"
 | |
| 
 | |
| 	// ExpirationModelTypeKeyMaterialDoesNotExpire is a ExpirationModelType enum value
 | |
| 	ExpirationModelTypeKeyMaterialDoesNotExpire = "KEY_MATERIAL_DOES_NOT_EXPIRE"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// GrantOperationDecrypt is a GrantOperation enum value
 | |
| 	GrantOperationDecrypt = "Decrypt"
 | |
| 
 | |
| 	// GrantOperationEncrypt is a GrantOperation enum value
 | |
| 	GrantOperationEncrypt = "Encrypt"
 | |
| 
 | |
| 	// GrantOperationGenerateDataKey is a GrantOperation enum value
 | |
| 	GrantOperationGenerateDataKey = "GenerateDataKey"
 | |
| 
 | |
| 	// GrantOperationGenerateDataKeyWithoutPlaintext is a GrantOperation enum value
 | |
| 	GrantOperationGenerateDataKeyWithoutPlaintext = "GenerateDataKeyWithoutPlaintext"
 | |
| 
 | |
| 	// GrantOperationReEncryptFrom is a GrantOperation enum value
 | |
| 	GrantOperationReEncryptFrom = "ReEncryptFrom"
 | |
| 
 | |
| 	// GrantOperationReEncryptTo is a GrantOperation enum value
 | |
| 	GrantOperationReEncryptTo = "ReEncryptTo"
 | |
| 
 | |
| 	// GrantOperationCreateGrant is a GrantOperation enum value
 | |
| 	GrantOperationCreateGrant = "CreateGrant"
 | |
| 
 | |
| 	// GrantOperationRetireGrant is a GrantOperation enum value
 | |
| 	GrantOperationRetireGrant = "RetireGrant"
 | |
| 
 | |
| 	// GrantOperationDescribeKey is a GrantOperation enum value
 | |
| 	GrantOperationDescribeKey = "DescribeKey"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// KeyManagerTypeAws is a KeyManagerType enum value
 | |
| 	KeyManagerTypeAws = "AWS"
 | |
| 
 | |
| 	// KeyManagerTypeCustomer is a KeyManagerType enum value
 | |
| 	KeyManagerTypeCustomer = "CUSTOMER"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// KeyStateEnabled is a KeyState enum value
 | |
| 	KeyStateEnabled = "Enabled"
 | |
| 
 | |
| 	// KeyStateDisabled is a KeyState enum value
 | |
| 	KeyStateDisabled = "Disabled"
 | |
| 
 | |
| 	// KeyStatePendingDeletion is a KeyState enum value
 | |
| 	KeyStatePendingDeletion = "PendingDeletion"
 | |
| 
 | |
| 	// KeyStatePendingImport is a KeyState enum value
 | |
| 	KeyStatePendingImport = "PendingImport"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// KeyUsageTypeEncryptDecrypt is a KeyUsageType enum value
 | |
| 	KeyUsageTypeEncryptDecrypt = "ENCRYPT_DECRYPT"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// OriginTypeAwsKms is a OriginType enum value
 | |
| 	OriginTypeAwsKms = "AWS_KMS"
 | |
| 
 | |
| 	// OriginTypeExternal is a OriginType enum value
 | |
| 	OriginTypeExternal = "EXTERNAL"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	// WrappingKeySpecRsa2048 is a WrappingKeySpec enum value
 | |
| 	WrappingKeySpecRsa2048 = "RSA_2048"
 | |
| )
 |