mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 02:50:30 +00:00
rebase: bump github.com/aws/aws-sdk-go from 1.44.28 to 1.44.62
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.28 to 1.44.62. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.28...v1.44.62) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
parent
a04a0ecc9f
commit
48dc0c95a6
2
go.mod
2
go.mod
@ -4,7 +4,7 @@ go 1.17
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/IBM/keyprotect-go-client v0.8.0
|
github.com/IBM/keyprotect-go-client v0.8.0
|
||||||
github.com/aws/aws-sdk-go v1.44.28
|
github.com/aws/aws-sdk-go v1.44.62
|
||||||
github.com/aws/aws-sdk-go-v2/service/sts v1.16.9
|
github.com/aws/aws-sdk-go-v2/service/sts v1.16.9
|
||||||
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
|
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
|
||||||
// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
|
// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
|
||||||
|
3
go.sum
3
go.sum
@ -141,8 +141,9 @@ github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi
|
|||||||
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||||
github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k=
|
github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k=
|
||||||
github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
||||||
github.com/aws/aws-sdk-go v1.44.28 h1:h/OAqEqY18wq//v6h4GNPMmCkxuzSDrWuGyrvSiRqf4=
|
|
||||||
github.com/aws/aws-sdk-go v1.44.28/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
github.com/aws/aws-sdk-go v1.44.28/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
||||||
|
github.com/aws/aws-sdk-go v1.44.62 h1:N8qOPnBhl2ZCIFiqyB640Xt5CeX9D8CEVhG/Vj7jGJU=
|
||||||
|
github.com/aws/aws-sdk-go v1.44.62/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
||||||
github.com/aws/aws-sdk-go-v2 v1.16.7 h1:zfBwXus3u14OszRxGcqCDS4MfMCv10e8SMJ2r8Xm0Ns=
|
github.com/aws/aws-sdk-go-v2 v1.16.7 h1:zfBwXus3u14OszRxGcqCDS4MfMCv10e8SMJ2r8Xm0Ns=
|
||||||
github.com/aws/aws-sdk-go-v2 v1.16.7/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
|
github.com/aws/aws-sdk-go-v2 v1.16.7/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
|
||||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14 h1:2C0pYHcUBmdzPj+EKNC4qj97oK6yjrUhc1KoSodglvk=
|
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14 h1:2C0pYHcUBmdzPj+EKNC4qj97oK6yjrUhc1KoSodglvk=
|
||||||
|
1490
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
1490
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
File diff suppressed because it is too large
Load Diff
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
@ -5,4 +5,4 @@ package aws
|
|||||||
const SDKName = "aws-sdk-go"
|
const SDKName = "aws-sdk-go"
|
||||||
|
|
||||||
// SDKVersion is the version of this SDK
|
// SDKVersion is the version of this SDK
|
||||||
const SDKVersion = "1.44.28"
|
const SDKVersion = "1.44.62"
|
||||||
|
3427
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
generated
vendored
3427
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
generated
vendored
File diff suppressed because it is too large
Load Diff
397
vendor/github.com/aws/aws-sdk-go/service/kms/api.go
generated
vendored
397
vendor/github.com/aws/aws-sdk-go/service/kms/api.go
generated
vendored
@ -534,7 +534,7 @@ func (c *KMS) CreateCustomKeyStoreRequest(input *CreateCustomKeyStoreInput) (req
|
|||||||
// that is associated with an CloudHSM cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/clusters.html)
|
// that is associated with an CloudHSM cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/clusters.html)
|
||||||
// that you own and manage.
|
// that you own and manage.
|
||||||
//
|
//
|
||||||
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// feature in KMS, which combines the convenience and extensive integration
|
// feature in KMS, which combines the convenience and extensive integration
|
||||||
// of KMS with the isolation and control of a single-tenant key store.
|
// of KMS with the isolation and control of a single-tenant key store.
|
||||||
//
|
//
|
||||||
@ -894,7 +894,8 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out
|
|||||||
// To create a symmetric encryption KMS key, you aren't required to specify
|
// To create a symmetric encryption KMS key, you aren't required to specify
|
||||||
// any parameters. The default value for KeySpec, SYMMETRIC_DEFAULT, and the
|
// any parameters. The default value for KeySpec, SYMMETRIC_DEFAULT, and the
|
||||||
// default value for KeyUsage, ENCRYPT_DECRYPT, create a symmetric encryption
|
// default value for KeyUsage, ENCRYPT_DECRYPT, create a symmetric encryption
|
||||||
// KMS key.
|
// KMS key. For technical details, see SYMMETRIC_DEFAULT key spec (https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default)
|
||||||
|
// in the Key Management Service Developer Guide.
|
||||||
//
|
//
|
||||||
// If you need a key for basic encryption and decryption or you are creating
|
// If you need a key for basic encryption and decryption or you are creating
|
||||||
// a KMS key to protect your resources in an Amazon Web Services service, create
|
// a KMS key to protect your resources in an Amazon Web Services service, create
|
||||||
@ -911,13 +912,14 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out
|
|||||||
// determine whether the KMS key will be used to encrypt and decrypt or sign
|
// determine whether the KMS key will be used to encrypt and decrypt or sign
|
||||||
// and verify. You can't change these properties after the KMS key is created.
|
// and verify. You can't change these properties after the KMS key is created.
|
||||||
//
|
//
|
||||||
// Asymmetric KMS keys contain an RSA key pair or an Elliptic Curve (ECC) key
|
// Asymmetric KMS keys contain an RSA key pair, Elliptic Curve (ECC) key pair,
|
||||||
// pair. The private key in an asymmetric KMS key never leaves KMS unencrypted.
|
// or an SM2 key pair (China Regions only). The private key in an asymmetric
|
||||||
// However, you can use the GetPublicKey operation to download the public key
|
// KMS key never leaves KMS unencrypted. However, you can use the GetPublicKey
|
||||||
// so it can be used outside of KMS. KMS keys with RSA key pairs can be used
|
// operation to download the public key so it can be used outside of KMS. KMS
|
||||||
// to encrypt or decrypt data or sign and verify messages (but not both). KMS
|
// keys with RSA or SM2 key pairs can be used to encrypt or decrypt data or
|
||||||
// keys with ECC key pairs can be used only to sign and verify messages. For
|
// sign and verify messages (but not both). KMS keys with ECC key pairs can
|
||||||
// information about asymmetric KMS keys, see Asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
|
// be used only to sign and verify messages. For information about asymmetric
|
||||||
|
// KMS keys, see Asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
|
||||||
// in the Key Management Service Developer Guide.
|
// in the Key Management Service Developer Guide.
|
||||||
//
|
//
|
||||||
// HMAC KMS key
|
// HMAC KMS key
|
||||||
@ -1516,7 +1518,7 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req
|
|||||||
// This operation does not delete the CloudHSM cluster that is associated with
|
// This operation does not delete the CloudHSM cluster that is associated with
|
||||||
// the custom key store, or affect any users or keys in the cluster.
|
// the custom key store, or affect any users or keys in the cluster.
|
||||||
//
|
//
|
||||||
// The custom key store that you delete cannot contain any KMS KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys).
|
// The custom key store that you delete cannot contain any KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys).
|
||||||
// Before deleting the key store, verify that you will never need to use any
|
// Before deleting the key store, verify that you will never need to use any
|
||||||
// of the KMS keys in the key store for any cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations).
|
// of the KMS keys in the key store for any cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations).
|
||||||
// Then, use ScheduleKeyDeletion to delete the KMS keys from the key store.
|
// Then, use ScheduleKeyDeletion to delete the KMS keys from the key store.
|
||||||
@ -1536,7 +1538,7 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req
|
|||||||
//
|
//
|
||||||
// If the operation succeeds, it returns a JSON object with no properties.
|
// If the operation succeeds, it returns a JSON object with no properties.
|
||||||
//
|
//
|
||||||
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// feature in KMS, which combines the convenience and extensive integration
|
// feature in KMS, which combines the convenience and extensive integration
|
||||||
// of KMS with the isolation and control of a single-tenant key store.
|
// of KMS with the isolation and control of a single-tenant key store.
|
||||||
//
|
//
|
||||||
@ -1783,6 +1785,12 @@ func (c *KMS) DescribeCustomKeyStoresRequest(input *DescribeCustomKeyStoresInput
|
|||||||
Name: opDescribeCustomKeyStores,
|
Name: opDescribeCustomKeyStores,
|
||||||
HTTPMethod: "POST",
|
HTTPMethod: "POST",
|
||||||
HTTPPath: "/",
|
HTTPPath: "/",
|
||||||
|
Paginator: &request.Paginator{
|
||||||
|
InputTokens: []string{"Marker"},
|
||||||
|
OutputTokens: []string{"NextMarker"},
|
||||||
|
LimitToken: "Limit",
|
||||||
|
TruncationToken: "Truncated",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if input == nil {
|
if input == nil {
|
||||||
@ -1799,7 +1807,7 @@ func (c *KMS) DescribeCustomKeyStoresRequest(input *DescribeCustomKeyStoresInput
|
|||||||
// Gets information about custom key stores (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// Gets information about custom key stores (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// in the account and Region.
|
// in the account and Region.
|
||||||
//
|
//
|
||||||
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// feature in KMS, which combines the convenience and extensive integration
|
// feature in KMS, which combines the convenience and extensive integration
|
||||||
// of KMS with the isolation and control of a single-tenant key store.
|
// of KMS with the isolation and control of a single-tenant key store.
|
||||||
//
|
//
|
||||||
@ -1884,6 +1892,58 @@ func (c *KMS) DescribeCustomKeyStoresWithContext(ctx aws.Context, input *Describ
|
|||||||
return out, req.Send()
|
return out, req.Send()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DescribeCustomKeyStoresPages iterates over the pages of a DescribeCustomKeyStores operation,
|
||||||
|
// calling the "fn" function with the response data for each page. To stop
|
||||||
|
// iterating, return false from the fn function.
|
||||||
|
//
|
||||||
|
// See DescribeCustomKeyStores method for more information on how to use this operation.
|
||||||
|
//
|
||||||
|
// Note: This operation can generate multiple requests to a service.
|
||||||
|
//
|
||||||
|
// // Example iterating over at most 3 pages of a DescribeCustomKeyStores operation.
|
||||||
|
// pageNum := 0
|
||||||
|
// err := client.DescribeCustomKeyStoresPages(params,
|
||||||
|
// func(page *kms.DescribeCustomKeyStoresOutput, lastPage bool) bool {
|
||||||
|
// pageNum++
|
||||||
|
// fmt.Println(page)
|
||||||
|
// return pageNum <= 3
|
||||||
|
// })
|
||||||
|
//
|
||||||
|
func (c *KMS) DescribeCustomKeyStoresPages(input *DescribeCustomKeyStoresInput, fn func(*DescribeCustomKeyStoresOutput, bool) bool) error {
|
||||||
|
return c.DescribeCustomKeyStoresPagesWithContext(aws.BackgroundContext(), input, fn)
|
||||||
|
}
|
||||||
|
|
||||||
|
// DescribeCustomKeyStoresPagesWithContext same as DescribeCustomKeyStoresPages except
|
||||||
|
// it takes a Context and allows setting request options on the pages.
|
||||||
|
//
|
||||||
|
// The context must be non-nil and will be used for request cancellation. If
|
||||||
|
// the context is nil a panic will occur. In the future the SDK may create
|
||||||
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
||||||
|
// for more information on using Contexts.
|
||||||
|
func (c *KMS) DescribeCustomKeyStoresPagesWithContext(ctx aws.Context, input *DescribeCustomKeyStoresInput, fn func(*DescribeCustomKeyStoresOutput, bool) bool, opts ...request.Option) error {
|
||||||
|
p := request.Pagination{
|
||||||
|
NewRequest: func() (*request.Request, error) {
|
||||||
|
var inCpy *DescribeCustomKeyStoresInput
|
||||||
|
if input != nil {
|
||||||
|
tmp := *input
|
||||||
|
inCpy = &tmp
|
||||||
|
}
|
||||||
|
req, _ := c.DescribeCustomKeyStoresRequest(inCpy)
|
||||||
|
req.SetContext(ctx)
|
||||||
|
req.ApplyOptions(opts...)
|
||||||
|
return req, nil
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for p.Next() {
|
||||||
|
if !fn(p.Page().(*DescribeCustomKeyStoresOutput), !p.HasNextPage()) {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return p.Err()
|
||||||
|
}
|
||||||
|
|
||||||
const opDescribeKey = "DescribeKey"
|
const opDescribeKey = "DescribeKey"
|
||||||
|
|
||||||
// DescribeKeyRequest generates a "aws/request.Request" representing the
|
// DescribeKeyRequest generates a "aws/request.Request" representing the
|
||||||
@ -1950,7 +2010,7 @@ func (c *KMS) DescribeKeyRequest(input *DescribeKeyInput) (req *request.Request,
|
|||||||
// information, use GetKeyRotationStatus. Also, some key states prevent a
|
// information, use GetKeyRotationStatus. Also, some key states prevent a
|
||||||
// KMS key from being automatically rotated. For details, see How Automatic
|
// KMS key from being automatically rotated. For details, see How Automatic
|
||||||
// Key Rotation Works (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works)
|
// Key Rotation Works (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works)
|
||||||
// in Key Management Service Developer Guide.
|
// in the Key Management Service Developer Guide.
|
||||||
//
|
//
|
||||||
// * Tags on the KMS key. To get this information, use ListResourceTags.
|
// * Tags on the KMS key. To get this information, use ListResourceTags.
|
||||||
//
|
//
|
||||||
@ -2356,7 +2416,7 @@ func (c *KMS) DisconnectCustomKeyStoreRequest(input *DisconnectCustomKeyStoreInp
|
|||||||
//
|
//
|
||||||
// If the operation succeeds, it returns a JSON object with no properties.
|
// If the operation succeeds, it returns a JSON object with no properties.
|
||||||
//
|
//
|
||||||
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// feature in KMS, which combines the convenience and extensive integration
|
// feature in KMS, which combines the convenience and extensive integration
|
||||||
// of KMS with the isolation and control of a single-tenant key store.
|
// of KMS with the isolation and control of a single-tenant key store.
|
||||||
//
|
//
|
||||||
@ -2774,7 +2834,7 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output
|
|||||||
// in the Key Management Service Developer Guide.
|
// in the Key Management Service Developer Guide.
|
||||||
//
|
//
|
||||||
// If you specify an asymmetric KMS key, you must also specify the encryption
|
// If you specify an asymmetric KMS key, you must also specify the encryption
|
||||||
// algorithm. The algorithm must be compatible with the KMS key type.
|
// algorithm. The algorithm must be compatible with the KMS key spec.
|
||||||
//
|
//
|
||||||
// When you use an asymmetric KMS key to encrypt or reencrypt data, be sure
|
// When you use an asymmetric KMS key to encrypt or reencrypt data, be sure
|
||||||
// to record the KMS key and encryption algorithm that you choose. You will
|
// to record the KMS key and encryption algorithm that you choose. You will
|
||||||
@ -2799,6 +2859,8 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output
|
|||||||
//
|
//
|
||||||
// * RSA_4096 RSAES_OAEP_SHA_1: 470 bytes RSAES_OAEP_SHA_256: 446 bytes
|
// * RSA_4096 RSAES_OAEP_SHA_1: 470 bytes RSAES_OAEP_SHA_256: 446 bytes
|
||||||
//
|
//
|
||||||
|
// * SM2PKE: 1024 bytes (China Regions only)
|
||||||
|
//
|
||||||
// The KMS key that you use for this operation must be in a compatible key state.
|
// The KMS key that you use for this operation must be in a compatible key state.
|
||||||
// For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
|
// For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
|
||||||
// in the Key Management Service Developer Guide.
|
// in the Key Management Service Developer Guide.
|
||||||
@ -2949,10 +3011,15 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request.
|
|||||||
// To generate a data key, specify the symmetric encryption KMS key that will
|
// To generate a data key, specify the symmetric encryption KMS key that will
|
||||||
// be used to encrypt the data key. You cannot use an asymmetric KMS key to
|
// be used to encrypt the data key. You cannot use an asymmetric KMS key to
|
||||||
// encrypt data keys. To get the type of your KMS key, use the DescribeKey operation.
|
// encrypt data keys. To get the type of your KMS key, use the DescribeKey operation.
|
||||||
|
//
|
||||||
// You must also specify the length of the data key. Use either the KeySpec
|
// You must also specify the length of the data key. Use either the KeySpec
|
||||||
// or NumberOfBytes parameters (but not both). For 128-bit and 256-bit data
|
// or NumberOfBytes parameters (but not both). For 128-bit and 256-bit data
|
||||||
// keys, use the KeySpec parameter.
|
// keys, use the KeySpec parameter.
|
||||||
//
|
//
|
||||||
|
// To generate an SM4 data key (China Regions only), specify a KeySpec value
|
||||||
|
// of AES_128 or NumberOfBytes value of 128. The symmetric encryption key used
|
||||||
|
// in China Regions to encrypt your data key is an SM4 encryption key.
|
||||||
|
//
|
||||||
// To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext.
|
// To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext.
|
||||||
// To generate an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext
|
// To generate an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext
|
||||||
// operation. To get a cryptographically secure random byte string, use GenerateRandom.
|
// operation. To get a cryptographically secure random byte string, use GenerateRandom.
|
||||||
@ -3160,9 +3227,10 @@ func (c *KMS) GenerateDataKeyPairRequest(input *GenerateDataKeyPairInput) (req *
|
|||||||
// your KMS key, use the DescribeKey operation.
|
// your KMS key, use the DescribeKey operation.
|
||||||
//
|
//
|
||||||
// Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data
|
// Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data
|
||||||
// key pair. KMS recommends that your use ECC key pairs for signing, and use
|
// key pair. In China Regions, you can also choose an SM2 data key pair. KMS
|
||||||
// RSA key pairs for either encryption or signing, but not both. However, KMS
|
// recommends that you use ECC key pairs for signing, and use RSA and SM2 key
|
||||||
// cannot enforce any restrictions on the use of data key pairs outside of KMS.
|
// pairs for either encryption or signing, but not both. However, KMS cannot
|
||||||
|
// enforce any restrictions on the use of data key pairs outside of KMS.
|
||||||
//
|
//
|
||||||
// If you are using the data key pair to encrypt data, or for any operation
|
// If you are using the data key pair to encrypt data, or for any operation
|
||||||
// where you don't immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext
|
// where you don't immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext
|
||||||
@ -3352,9 +3420,10 @@ func (c *KMS) GenerateDataKeyPairWithoutPlaintextRequest(input *GenerateDataKeyP
|
|||||||
// your KMS key, use the DescribeKey operation.
|
// your KMS key, use the DescribeKey operation.
|
||||||
//
|
//
|
||||||
// Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data
|
// Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data
|
||||||
// key pair. KMS recommends that your use ECC key pairs for signing, and use
|
// key pair. In China Regions, you can also choose an SM2 data key pair. KMS
|
||||||
// RSA key pairs for either encryption or signing, but not both. However, KMS
|
// recommends that you use ECC key pairs for signing, and use RSA and SM2 key
|
||||||
// cannot enforce any restrictions on the use of data key pairs outside of KMS.
|
// pairs for either encryption or signing, but not both. However, KMS cannot
|
||||||
|
// enforce any restrictions on the use of data key pairs outside of KMS.
|
||||||
//
|
//
|
||||||
// GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each
|
// GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each
|
||||||
// request. The bytes in the key are not related to the caller or KMS key that
|
// request. The bytes in the key are not related to the caller or KMS key that
|
||||||
@ -3849,6 +3918,9 @@ func (c *KMS) GenerateRandomRequest(input *GenerateRandomInput) (req *request.Re
|
|||||||
//
|
//
|
||||||
// Returns a random byte string that is cryptographically secure.
|
// Returns a random byte string that is cryptographically secure.
|
||||||
//
|
//
|
||||||
|
// You must use the NumberOfBytes parameter to specify the length of the random
|
||||||
|
// byte string. There is no default value for string length.
|
||||||
|
//
|
||||||
// By default, the random byte string is generated in KMS. To generate the byte
|
// By default, the random byte string is generated in KMS. To generate the byte
|
||||||
// string in the CloudHSM cluster that is associated with a custom key store
|
// string in the CloudHSM cluster that is associated with a custom key store
|
||||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
|
// (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
|
||||||
@ -3863,6 +3935,9 @@ func (c *KMS) GenerateRandomRequest(input *GenerateRandomInput) (req *request.Re
|
|||||||
// For more information about entropy and random number generation, see Key
|
// For more information about entropy and random number generation, see Key
|
||||||
// Management Service Cryptographic Details (https://docs.aws.amazon.com/kms/latest/cryptographic-details/).
|
// Management Service Cryptographic Details (https://docs.aws.amazon.com/kms/latest/cryptographic-details/).
|
||||||
//
|
//
|
||||||
|
// Cross-account use: Not applicable. GenerateRandom does not use any account-specific
|
||||||
|
// resources, such as KMS keys.
|
||||||
|
//
|
||||||
// Required permissions: kms:GenerateRandom (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)
|
// Required permissions: kms:GenerateRandom (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)
|
||||||
// (IAM policy)
|
// (IAM policy)
|
||||||
//
|
//
|
||||||
@ -4393,7 +4468,11 @@ func (c *KMS) GetPublicKeyRequest(input *GetPublicKeyInput) (req *request.Reques
|
|||||||
// KMS, you benefit from the authentication, authorization, and logging that
|
// KMS, you benefit from the authentication, authorization, and logging that
|
||||||
// are part of every KMS operation. You also reduce of risk of encrypting data
|
// are part of every KMS operation. You also reduce of risk of encrypting data
|
||||||
// that cannot be decrypted. These features are not effective outside of KMS.
|
// that cannot be decrypted. These features are not effective outside of KMS.
|
||||||
// For details, see Special Considerations for Downloading Public Keys (https://docs.aws.amazon.com/kms/latest/developerguide/download-public-key.html#download-public-key-considerations).
|
//
|
||||||
|
// To verify a signature outside of KMS with an SM2 public key (China Regions
|
||||||
|
// only), you must specify the distinguishing ID. By default, KMS uses 1234567812345678
|
||||||
|
// as the distinguishing ID. For more information, see Offline verification
|
||||||
|
// with SM2 key pairs (https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification).
|
||||||
//
|
//
|
||||||
// To help you use the public key safely outside of KMS, GetPublicKey returns
|
// To help you use the public key safely outside of KMS, GetPublicKey returns
|
||||||
// important information about the public key in the response, including:
|
// important information about the public key in the response, including:
|
||||||
@ -5450,6 +5529,12 @@ func (c *KMS) ListResourceTagsRequest(input *ListResourceTagsInput) (req *reques
|
|||||||
Name: opListResourceTags,
|
Name: opListResourceTags,
|
||||||
HTTPMethod: "POST",
|
HTTPMethod: "POST",
|
||||||
HTTPPath: "/",
|
HTTPPath: "/",
|
||||||
|
Paginator: &request.Paginator{
|
||||||
|
InputTokens: []string{"Marker"},
|
||||||
|
OutputTokens: []string{"NextMarker"},
|
||||||
|
LimitToken: "Limit",
|
||||||
|
TruncationToken: "Truncated",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if input == nil {
|
if input == nil {
|
||||||
@ -5532,6 +5617,58 @@ func (c *KMS) ListResourceTagsWithContext(ctx aws.Context, input *ListResourceTa
|
|||||||
return out, req.Send()
|
return out, req.Send()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ListResourceTagsPages iterates over the pages of a ListResourceTags operation,
|
||||||
|
// calling the "fn" function with the response data for each page. To stop
|
||||||
|
// iterating, return false from the fn function.
|
||||||
|
//
|
||||||
|
// See ListResourceTags method for more information on how to use this operation.
|
||||||
|
//
|
||||||
|
// Note: This operation can generate multiple requests to a service.
|
||||||
|
//
|
||||||
|
// // Example iterating over at most 3 pages of a ListResourceTags operation.
|
||||||
|
// pageNum := 0
|
||||||
|
// err := client.ListResourceTagsPages(params,
|
||||||
|
// func(page *kms.ListResourceTagsOutput, lastPage bool) bool {
|
||||||
|
// pageNum++
|
||||||
|
// fmt.Println(page)
|
||||||
|
// return pageNum <= 3
|
||||||
|
// })
|
||||||
|
//
|
||||||
|
func (c *KMS) ListResourceTagsPages(input *ListResourceTagsInput, fn func(*ListResourceTagsOutput, bool) bool) error {
|
||||||
|
return c.ListResourceTagsPagesWithContext(aws.BackgroundContext(), input, fn)
|
||||||
|
}
|
||||||
|
|
||||||
|
// ListResourceTagsPagesWithContext same as ListResourceTagsPages except
|
||||||
|
// it takes a Context and allows setting request options on the pages.
|
||||||
|
//
|
||||||
|
// The context must be non-nil and will be used for request cancellation. If
|
||||||
|
// the context is nil a panic will occur. In the future the SDK may create
|
||||||
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
||||||
|
// for more information on using Contexts.
|
||||||
|
func (c *KMS) ListResourceTagsPagesWithContext(ctx aws.Context, input *ListResourceTagsInput, fn func(*ListResourceTagsOutput, bool) bool, opts ...request.Option) error {
|
||||||
|
p := request.Pagination{
|
||||||
|
NewRequest: func() (*request.Request, error) {
|
||||||
|
var inCpy *ListResourceTagsInput
|
||||||
|
if input != nil {
|
||||||
|
tmp := *input
|
||||||
|
inCpy = &tmp
|
||||||
|
}
|
||||||
|
req, _ := c.ListResourceTagsRequest(inCpy)
|
||||||
|
req.SetContext(ctx)
|
||||||
|
req.ApplyOptions(opts...)
|
||||||
|
return req, nil
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for p.Next() {
|
||||||
|
if !fn(p.Page().(*ListResourceTagsOutput), !p.HasNextPage()) {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return p.Err()
|
||||||
|
}
|
||||||
|
|
||||||
const opListRetirableGrants = "ListRetirableGrants"
|
const opListRetirableGrants = "ListRetirableGrants"
|
||||||
|
|
||||||
// ListRetirableGrantsRequest generates a "aws/request.Request" representing the
|
// ListRetirableGrantsRequest generates a "aws/request.Request" representing the
|
||||||
@ -5563,6 +5700,12 @@ func (c *KMS) ListRetirableGrantsRequest(input *ListRetirableGrantsInput) (req *
|
|||||||
Name: opListRetirableGrants,
|
Name: opListRetirableGrants,
|
||||||
HTTPMethod: "POST",
|
HTTPMethod: "POST",
|
||||||
HTTPPath: "/",
|
HTTPPath: "/",
|
||||||
|
Paginator: &request.Paginator{
|
||||||
|
InputTokens: []string{"Marker"},
|
||||||
|
OutputTokens: []string{"NextMarker"},
|
||||||
|
LimitToken: "Limit",
|
||||||
|
TruncationToken: "Truncated",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if input == nil {
|
if input == nil {
|
||||||
@ -5659,6 +5802,58 @@ func (c *KMS) ListRetirableGrantsWithContext(ctx aws.Context, input *ListRetirab
|
|||||||
return out, req.Send()
|
return out, req.Send()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ListRetirableGrantsPages iterates over the pages of a ListRetirableGrants operation,
|
||||||
|
// calling the "fn" function with the response data for each page. To stop
|
||||||
|
// iterating, return false from the fn function.
|
||||||
|
//
|
||||||
|
// See ListRetirableGrants method for more information on how to use this operation.
|
||||||
|
//
|
||||||
|
// Note: This operation can generate multiple requests to a service.
|
||||||
|
//
|
||||||
|
// // Example iterating over at most 3 pages of a ListRetirableGrants operation.
|
||||||
|
// pageNum := 0
|
||||||
|
// err := client.ListRetirableGrantsPages(params,
|
||||||
|
// func(page *kms.ListGrantsResponse, lastPage bool) bool {
|
||||||
|
// pageNum++
|
||||||
|
// fmt.Println(page)
|
||||||
|
// return pageNum <= 3
|
||||||
|
// })
|
||||||
|
//
|
||||||
|
func (c *KMS) ListRetirableGrantsPages(input *ListRetirableGrantsInput, fn func(*ListGrantsResponse, bool) bool) error {
|
||||||
|
return c.ListRetirableGrantsPagesWithContext(aws.BackgroundContext(), input, fn)
|
||||||
|
}
|
||||||
|
|
||||||
|
// ListRetirableGrantsPagesWithContext same as ListRetirableGrantsPages except
|
||||||
|
// it takes a Context and allows setting request options on the pages.
|
||||||
|
//
|
||||||
|
// The context must be non-nil and will be used for request cancellation. If
|
||||||
|
// the context is nil a panic will occur. In the future the SDK may create
|
||||||
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
||||||
|
// for more information on using Contexts.
|
||||||
|
func (c *KMS) ListRetirableGrantsPagesWithContext(ctx aws.Context, input *ListRetirableGrantsInput, fn func(*ListGrantsResponse, bool) bool, opts ...request.Option) error {
|
||||||
|
p := request.Pagination{
|
||||||
|
NewRequest: func() (*request.Request, error) {
|
||||||
|
var inCpy *ListRetirableGrantsInput
|
||||||
|
if input != nil {
|
||||||
|
tmp := *input
|
||||||
|
inCpy = &tmp
|
||||||
|
}
|
||||||
|
req, _ := c.ListRetirableGrantsRequest(inCpy)
|
||||||
|
req.SetContext(ctx)
|
||||||
|
req.ApplyOptions(opts...)
|
||||||
|
return req, nil
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for p.Next() {
|
||||||
|
if !fn(p.Page().(*ListGrantsResponse), !p.HasNextPage()) {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return p.Err()
|
||||||
|
}
|
||||||
|
|
||||||
const opPutKeyPolicy = "PutKeyPolicy"
|
const opPutKeyPolicy = "PutKeyPolicy"
|
||||||
|
|
||||||
// PutKeyPolicyRequest generates a "aws/request.Request" representing the
|
// PutKeyPolicyRequest generates a "aws/request.Request" representing the
|
||||||
@ -7321,7 +7516,7 @@ func (c *KMS) UpdateCustomKeyStoreRequest(input *UpdateCustomKeyStoreInput) (req
|
|||||||
//
|
//
|
||||||
// If the operation succeeds, it returns a JSON object with no properties.
|
// If the operation succeeds, it returns a JSON object with no properties.
|
||||||
//
|
//
|
||||||
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// feature in KMS, which combines the convenience and extensive integration
|
// feature in KMS, which combines the convenience and extensive integration
|
||||||
// of KMS with the isolation and control of a single-tenant key store.
|
// of KMS with the isolation and control of a single-tenant key store.
|
||||||
//
|
//
|
||||||
@ -7817,11 +8012,15 @@ func (c *KMS) VerifyRequest(input *VerifyInput) (req *request.Request, output *V
|
|||||||
// You can also verify the digital signature by using the public key of the
|
// You can also verify the digital signature by using the public key of the
|
||||||
// KMS key outside of KMS. Use the GetPublicKey operation to download the public
|
// KMS key outside of KMS. Use the GetPublicKey operation to download the public
|
||||||
// key in the asymmetric KMS key and then use the public key to verify the signature
|
// key in the asymmetric KMS key and then use the public key to verify the signature
|
||||||
// outside of KMS. The advantage of using the Verify operation is that it is
|
// outside of KMS. To verify a signature outside of KMS with an SM2 public key,
|
||||||
// performed within KMS. As a result, it's easy to call, the operation is performed
|
// you must specify the distinguishing ID. By default, KMS uses 1234567812345678
|
||||||
// within the FIPS boundary, it is logged in CloudTrail, and you can use key
|
// as the distinguishing ID. For more information, see Offline verification
|
||||||
// policy and IAM policy to determine who is authorized to use the KMS key to
|
// with SM2 key pairs (https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification)
|
||||||
// verify signatures.
|
// in Key Management Service Developer Guide. The advantage of using the Verify
|
||||||
|
// operation is that it is performed within KMS. As a result, it's easy to call,
|
||||||
|
// the operation is performed within the FIPS boundary, it is logged in CloudTrail,
|
||||||
|
// and you can use key policy and IAM policy to determine who is authorized
|
||||||
|
// to use the KMS key to verify signatures.
|
||||||
//
|
//
|
||||||
// The KMS key that you use for this operation must be in a compatible key state.
|
// The KMS key that you use for this operation must be in a compatible key state.
|
||||||
// For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
|
// For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
|
||||||
@ -8854,9 +9053,7 @@ type CreateCustomKeyStoreInput struct {
|
|||||||
// ID of any active CloudHSM cluster that is not already associated with a custom
|
// ID of any active CloudHSM cluster that is not already associated with a custom
|
||||||
// key store. To find the cluster ID, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html)
|
// key store. To find the cluster ID, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html)
|
||||||
// operation.
|
// operation.
|
||||||
//
|
CloudHsmClusterId *string `min:"19" type:"string"`
|
||||||
// CloudHsmClusterId is a required field
|
|
||||||
CloudHsmClusterId *string `min:"19" type:"string" required:"true"`
|
|
||||||
|
|
||||||
// Specifies a friendly name for the custom key store. The name must be unique
|
// Specifies a friendly name for the custom key store. The name must be unique
|
||||||
// in your Amazon Web Services account.
|
// in your Amazon Web Services account.
|
||||||
@ -8876,16 +9073,12 @@ type CreateCustomKeyStoreInput struct {
|
|||||||
// KeyStorePassword is a sensitive parameter and its value will be
|
// KeyStorePassword is a sensitive parameter and its value will be
|
||||||
// replaced with "sensitive" in string returned by CreateCustomKeyStoreInput's
|
// replaced with "sensitive" in string returned by CreateCustomKeyStoreInput's
|
||||||
// String and GoString methods.
|
// String and GoString methods.
|
||||||
//
|
KeyStorePassword *string `min:"7" type:"string" sensitive:"true"`
|
||||||
// KeyStorePassword is a required field
|
|
||||||
KeyStorePassword *string `min:"7" type:"string" required:"true" sensitive:"true"`
|
|
||||||
|
|
||||||
// Enter the content of the trust anchor certificate for the cluster. This is
|
// Enter the content of the trust anchor certificate for the cluster. This is
|
||||||
// the content of the customerCA.crt file that you created when you initialized
|
// the content of the customerCA.crt file that you created when you initialized
|
||||||
// the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html).
|
// the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html).
|
||||||
//
|
TrustAnchorCertificate *string `min:"1" type:"string"`
|
||||||
// TrustAnchorCertificate is a required field
|
|
||||||
TrustAnchorCertificate *string `min:"1" type:"string" required:"true"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// String returns the string representation.
|
// String returns the string representation.
|
||||||
@ -8909,9 +9102,6 @@ func (s CreateCustomKeyStoreInput) GoString() string {
|
|||||||
// Validate inspects the fields of the type to determine if they are valid.
|
// Validate inspects the fields of the type to determine if they are valid.
|
||||||
func (s *CreateCustomKeyStoreInput) Validate() error {
|
func (s *CreateCustomKeyStoreInput) Validate() error {
|
||||||
invalidParams := request.ErrInvalidParams{Context: "CreateCustomKeyStoreInput"}
|
invalidParams := request.ErrInvalidParams{Context: "CreateCustomKeyStoreInput"}
|
||||||
if s.CloudHsmClusterId == nil {
|
|
||||||
invalidParams.Add(request.NewErrParamRequired("CloudHsmClusterId"))
|
|
||||||
}
|
|
||||||
if s.CloudHsmClusterId != nil && len(*s.CloudHsmClusterId) < 19 {
|
if s.CloudHsmClusterId != nil && len(*s.CloudHsmClusterId) < 19 {
|
||||||
invalidParams.Add(request.NewErrParamMinLen("CloudHsmClusterId", 19))
|
invalidParams.Add(request.NewErrParamMinLen("CloudHsmClusterId", 19))
|
||||||
}
|
}
|
||||||
@ -8921,15 +9111,9 @@ func (s *CreateCustomKeyStoreInput) Validate() error {
|
|||||||
if s.CustomKeyStoreName != nil && len(*s.CustomKeyStoreName) < 1 {
|
if s.CustomKeyStoreName != nil && len(*s.CustomKeyStoreName) < 1 {
|
||||||
invalidParams.Add(request.NewErrParamMinLen("CustomKeyStoreName", 1))
|
invalidParams.Add(request.NewErrParamMinLen("CustomKeyStoreName", 1))
|
||||||
}
|
}
|
||||||
if s.KeyStorePassword == nil {
|
|
||||||
invalidParams.Add(request.NewErrParamRequired("KeyStorePassword"))
|
|
||||||
}
|
|
||||||
if s.KeyStorePassword != nil && len(*s.KeyStorePassword) < 7 {
|
if s.KeyStorePassword != nil && len(*s.KeyStorePassword) < 7 {
|
||||||
invalidParams.Add(request.NewErrParamMinLen("KeyStorePassword", 7))
|
invalidParams.Add(request.NewErrParamMinLen("KeyStorePassword", 7))
|
||||||
}
|
}
|
||||||
if s.TrustAnchorCertificate == nil {
|
|
||||||
invalidParams.Add(request.NewErrParamRequired("TrustAnchorCertificate"))
|
|
||||||
}
|
|
||||||
if s.TrustAnchorCertificate != nil && len(*s.TrustAnchorCertificate) < 1 {
|
if s.TrustAnchorCertificate != nil && len(*s.TrustAnchorCertificate) < 1 {
|
||||||
invalidParams.Add(request.NewErrParamMinLen("TrustAnchorCertificate", 1))
|
invalidParams.Add(request.NewErrParamMinLen("TrustAnchorCertificate", 1))
|
||||||
}
|
}
|
||||||
@ -9284,7 +9468,7 @@ type CreateKeyInput struct {
|
|||||||
// The response includes the custom key store ID and the ID of the CloudHSM
|
// The response includes the custom key store ID and the ID of the CloudHSM
|
||||||
// cluster.
|
// cluster.
|
||||||
//
|
//
|
||||||
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
|
||||||
// feature in KMS, which combines the convenience and extensive integration
|
// feature in KMS, which combines the convenience and extensive integration
|
||||||
// of KMS with the isolation and control of a single-tenant key store.
|
// of KMS with the isolation and control of a single-tenant key store.
|
||||||
CustomKeyStoreId *string `min:"1" type:"string"`
|
CustomKeyStoreId *string `min:"1" type:"string"`
|
||||||
@ -9307,9 +9491,10 @@ type CreateKeyInput struct {
|
|||||||
Description *string `type:"string"`
|
Description *string `type:"string"`
|
||||||
|
|
||||||
// Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,
|
// Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,
|
||||||
// creates a KMS key with a 256-bit symmetric key for encryption and decryption.
|
// creates a KMS key with a 256-bit AES-GCM key that is used for encryption
|
||||||
// For help choosing a key spec for your KMS key, see Choosing a KMS key type
|
// and decryption, except in China Regions, where it creates a 128-bit symmetric
|
||||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose)
|
// key that uses SM4 encryption. For help choosing a key spec for your KMS key,
|
||||||
|
// see Choosing a KMS key type (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose)
|
||||||
// in the Key Management Service Developer Guide .
|
// in the Key Management Service Developer Guide .
|
||||||
//
|
//
|
||||||
// The KeySpec determines whether the KMS key contains a symmetric key or an
|
// The KeySpec determines whether the KMS key contains a symmetric key or an
|
||||||
@ -9328,7 +9513,7 @@ type CreateKeyInput struct {
|
|||||||
//
|
//
|
||||||
// KMS supports the following key specs for KMS keys:
|
// KMS supports the following key specs for KMS keys:
|
||||||
//
|
//
|
||||||
// * Symmetric encryption key (default) SYMMETRIC_DEFAULT (AES-256-GCM)
|
// * Symmetric encryption key (default) SYMMETRIC_DEFAULT
|
||||||
//
|
//
|
||||||
// * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512
|
// * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512
|
||||||
//
|
//
|
||||||
@ -9339,6 +9524,8 @@ type CreateKeyInput struct {
|
|||||||
//
|
//
|
||||||
// * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1),
|
// * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1),
|
||||||
// commonly used for cryptocurrencies.
|
// commonly used for cryptocurrencies.
|
||||||
|
//
|
||||||
|
// * SM2 key pairs (China Regions only) SM2
|
||||||
KeySpec *string `type:"string" enum:"KeySpec"`
|
KeySpec *string `type:"string" enum:"KeySpec"`
|
||||||
|
|
||||||
// Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
|
// Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
|
||||||
@ -9357,6 +9544,9 @@ type CreateKeyInput struct {
|
|||||||
// or SIGN_VERIFY.
|
// or SIGN_VERIFY.
|
||||||
//
|
//
|
||||||
// * For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.
|
// * For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.
|
||||||
|
//
|
||||||
|
// * For asymmetric KMS keys with SM2 key material (China Regions only),
|
||||||
|
// specify ENCRYPT_DECRYPT or SIGN_VERIFY.
|
||||||
KeyUsage *string `type:"string" enum:"KeyUsageType"`
|
KeyUsage *string `type:"string" enum:"KeyUsageType"`
|
||||||
|
|
||||||
// Creates a multi-Region primary key that you can replicate into other Amazon
|
// Creates a multi-Region primary key that you can replicate into other Amazon
|
||||||
@ -9423,21 +9613,20 @@ type CreateKeyInput struct {
|
|||||||
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
|
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
|
||||||
// in the Amazon Web Services Identity and Access Management User Guide.
|
// in the Amazon Web Services Identity and Access Management User Guide.
|
||||||
//
|
//
|
||||||
// A key policy document must conform to the following rules.
|
// A key policy document can include only the following characters:
|
||||||
//
|
//
|
||||||
// * Up to 32 kilobytes (32768 bytes)
|
// * Printable ASCII characters from the space character (\u0020) through
|
||||||
|
// the end of the ASCII character range.
|
||||||
//
|
//
|
||||||
// * Must be UTF-8 encoded
|
// * Printable characters in the Basic Latin and Latin-1 Supplement character
|
||||||
|
// set (through \u00FF).
|
||||||
//
|
//
|
||||||
// * The only Unicode characters that are permitted in a key policy document
|
// * The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
|
||||||
// are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D),
|
// characters
|
||||||
// and characters in the range U+0020 to U+00FF.
|
|
||||||
//
|
//
|
||||||
// * The Sid element in a key policy statement can include spaces. (Spaces
|
// For information about key policies, see Key policies in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
|
||||||
// are prohibited in the Sid element of an IAM policy document.)
|
// in the Key Management Service Developer Guide. For help writing and formatting
|
||||||
//
|
// a JSON policy document, see the IAM JSON Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
|
||||||
// For help writing and formatting a JSON policy document, see the IAM JSON
|
|
||||||
// Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
|
|
||||||
// in the Identity and Access Management User Guide .
|
// in the Identity and Access Management User Guide .
|
||||||
Policy *string `min:"1" type:"string"`
|
Policy *string `min:"1" type:"string"`
|
||||||
|
|
||||||
@ -11777,10 +11966,12 @@ type GenerateDataKeyPairInput struct {
|
|||||||
|
|
||||||
// Determines the type of data key pair that is generated.
|
// Determines the type of data key pair that is generated.
|
||||||
//
|
//
|
||||||
// The KMS rule that restricts the use of asymmetric RSA KMS keys to encrypt
|
// The KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to
|
||||||
// and decrypt or to sign and verify (but not both), and the rule that permits
|
// encrypt and decrypt or to sign and verify (but not both), and the rule that
|
||||||
// you to use ECC KMS keys only to sign and verify, are not effective on data
|
// permits you to use ECC KMS keys only to sign and verify, are not effective
|
||||||
// key pairs, which are used outside of KMS.
|
// on data key pairs, which are used outside of KMS. The SM2 key spec is only
|
||||||
|
// available in China Regions. RSA and ECC asymmetric key pairs are also available
|
||||||
|
// in China Regions.
|
||||||
//
|
//
|
||||||
// KeyPairSpec is a required field
|
// KeyPairSpec is a required field
|
||||||
KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"`
|
KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"`
|
||||||
@ -11981,10 +12172,12 @@ type GenerateDataKeyPairWithoutPlaintextInput struct {
|
|||||||
|
|
||||||
// Determines the type of data key pair that is generated.
|
// Determines the type of data key pair that is generated.
|
||||||
//
|
//
|
||||||
// The KMS rule that restricts the use of asymmetric RSA KMS keys to encrypt
|
// The KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to
|
||||||
// and decrypt or to sign and verify (but not both), and the rule that permits
|
// encrypt and decrypt or to sign and verify (but not both), and the rule that
|
||||||
// you to use ECC KMS keys only to sign and verify, are not effective on data
|
// permits you to use ECC KMS keys only to sign and verify, are not effective
|
||||||
// key pairs, which are used outside of KMS.
|
// on data key pairs, which are used outside of KMS. The SM2 key spec is only
|
||||||
|
// available in China Regions. RSA and ECC asymmetric key pairs are also available
|
||||||
|
// in China Regions.
|
||||||
//
|
//
|
||||||
// KeyPairSpec is a required field
|
// KeyPairSpec is a required field
|
||||||
KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"`
|
KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"`
|
||||||
@ -12459,7 +12652,7 @@ type GenerateRandomInput struct {
|
|||||||
// To find the ID of a custom key store, use the DescribeCustomKeyStores operation.
|
// To find the ID of a custom key store, use the DescribeCustomKeyStores operation.
|
||||||
CustomKeyStoreId *string `min:"1" type:"string"`
|
CustomKeyStoreId *string `min:"1" type:"string"`
|
||||||
|
|
||||||
// The length of the byte string.
|
// The length of the random byte string. This parameter is required.
|
||||||
NumberOfBytes *int64 `min:"1" type:"integer"`
|
NumberOfBytes *int64 `min:"1" type:"integer"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -16010,18 +16203,21 @@ type PutKeyPolicyInput struct {
|
|||||||
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
|
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
|
||||||
// in the Amazon Web Services Identity and Access Management User Guide.
|
// in the Amazon Web Services Identity and Access Management User Guide.
|
||||||
//
|
//
|
||||||
// A key policy document must conform to the following rules.
|
// A key policy document can include only the following characters:
|
||||||
//
|
//
|
||||||
// * Up to 32 kilobytes (32768 bytes)
|
// * Printable ASCII characters from the space character (\u0020) through
|
||||||
|
// the end of the ASCII character range.
|
||||||
//
|
//
|
||||||
// * Must be UTF-8 encoded
|
// * Printable characters in the Basic Latin and Latin-1 Supplement character
|
||||||
|
// set (through \u00FF).
|
||||||
//
|
//
|
||||||
// * The only Unicode characters that are permitted in a key policy document
|
// * The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
|
||||||
// are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D),
|
// characters
|
||||||
// and characters in the range U+0020 to U+00FF.
|
|
||||||
//
|
//
|
||||||
// * The Sid element in a key policy statement can include spaces. (Spaces
|
// For information about key policies, see Key policies in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
|
||||||
// are prohibited in the Sid element of an IAM policy document.)
|
// in the Key Management Service Developer Guide. For help writing and formatting
|
||||||
|
// a JSON policy document, see the IAM JSON Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
|
||||||
|
// in the Identity and Access Management User Guide .
|
||||||
//
|
//
|
||||||
// Policy is a required field
|
// Policy is a required field
|
||||||
Policy *string `min:"1" type:"string" required:"true"`
|
Policy *string `min:"1" type:"string" required:"true"`
|
||||||
@ -16481,18 +16677,21 @@ type ReplicateKeyInput struct {
|
|||||||
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
|
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
|
||||||
// in the Identity and Access Management User Guide .
|
// in the Identity and Access Management User Guide .
|
||||||
//
|
//
|
||||||
// A key policy document must conform to the following rules.
|
// A key policy document can include only the following characters:
|
||||||
//
|
//
|
||||||
// * Up to 32 kilobytes (32768 bytes)
|
// * Printable ASCII characters from the space character (\u0020) through
|
||||||
|
// the end of the ASCII character range.
|
||||||
//
|
//
|
||||||
// * Must be UTF-8 encoded
|
// * Printable characters in the Basic Latin and Latin-1 Supplement character
|
||||||
|
// set (through \u00FF).
|
||||||
//
|
//
|
||||||
// * The only Unicode characters that are permitted in a key policy document
|
// * The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
|
||||||
// are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D),
|
// characters
|
||||||
// and characters in the range U+0020 to U+00FF.
|
|
||||||
//
|
//
|
||||||
// * The Sid element in a key policy statement can include spaces. (Spaces
|
// For information about key policies, see Key policies in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
|
||||||
// are prohibited in the Sid element of an IAM policy document.)
|
// in the Key Management Service Developer Guide. For help writing and formatting
|
||||||
|
// a JSON policy document, see the IAM JSON Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
|
||||||
|
// in the Identity and Access Management User Guide .
|
||||||
Policy *string `min:"1" type:"string"`
|
Policy *string `min:"1" type:"string"`
|
||||||
|
|
||||||
// The Region ID of the Amazon Web Services Region for this replica key.
|
// The Region ID of the Amazon Web Services Region for this replica key.
|
||||||
@ -18538,6 +18737,9 @@ const (
|
|||||||
|
|
||||||
// ConnectionErrorCodeTypeSubnetNotFound is a ConnectionErrorCodeType enum value
|
// ConnectionErrorCodeTypeSubnetNotFound is a ConnectionErrorCodeType enum value
|
||||||
ConnectionErrorCodeTypeSubnetNotFound = "SUBNET_NOT_FOUND"
|
ConnectionErrorCodeTypeSubnetNotFound = "SUBNET_NOT_FOUND"
|
||||||
|
|
||||||
|
// ConnectionErrorCodeTypeInsufficientFreeAddressesInSubnet is a ConnectionErrorCodeType enum value
|
||||||
|
ConnectionErrorCodeTypeInsufficientFreeAddressesInSubnet = "INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ConnectionErrorCodeType_Values returns all elements of the ConnectionErrorCodeType enum
|
// ConnectionErrorCodeType_Values returns all elements of the ConnectionErrorCodeType enum
|
||||||
@ -18552,6 +18754,7 @@ func ConnectionErrorCodeType_Values() []string {
|
|||||||
ConnectionErrorCodeTypeUserNotFound,
|
ConnectionErrorCodeTypeUserNotFound,
|
||||||
ConnectionErrorCodeTypeUserLoggedIn,
|
ConnectionErrorCodeTypeUserLoggedIn,
|
||||||
ConnectionErrorCodeTypeSubnetNotFound,
|
ConnectionErrorCodeTypeSubnetNotFound,
|
||||||
|
ConnectionErrorCodeTypeInsufficientFreeAddressesInSubnet,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -18619,6 +18822,9 @@ const (
|
|||||||
|
|
||||||
// CustomerMasterKeySpecHmac512 is a CustomerMasterKeySpec enum value
|
// CustomerMasterKeySpecHmac512 is a CustomerMasterKeySpec enum value
|
||||||
CustomerMasterKeySpecHmac512 = "HMAC_512"
|
CustomerMasterKeySpecHmac512 = "HMAC_512"
|
||||||
|
|
||||||
|
// CustomerMasterKeySpecSm2 is a CustomerMasterKeySpec enum value
|
||||||
|
CustomerMasterKeySpecSm2 = "SM2"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CustomerMasterKeySpec_Values returns all elements of the CustomerMasterKeySpec enum
|
// CustomerMasterKeySpec_Values returns all elements of the CustomerMasterKeySpec enum
|
||||||
@ -18636,6 +18842,7 @@ func CustomerMasterKeySpec_Values() []string {
|
|||||||
CustomerMasterKeySpecHmac256,
|
CustomerMasterKeySpecHmac256,
|
||||||
CustomerMasterKeySpecHmac384,
|
CustomerMasterKeySpecHmac384,
|
||||||
CustomerMasterKeySpecHmac512,
|
CustomerMasterKeySpecHmac512,
|
||||||
|
CustomerMasterKeySpecSm2,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -18660,6 +18867,9 @@ const (
|
|||||||
|
|
||||||
// DataKeyPairSpecEccSecgP256k1 is a DataKeyPairSpec enum value
|
// DataKeyPairSpecEccSecgP256k1 is a DataKeyPairSpec enum value
|
||||||
DataKeyPairSpecEccSecgP256k1 = "ECC_SECG_P256K1"
|
DataKeyPairSpecEccSecgP256k1 = "ECC_SECG_P256K1"
|
||||||
|
|
||||||
|
// DataKeyPairSpecSm2 is a DataKeyPairSpec enum value
|
||||||
|
DataKeyPairSpecSm2 = "SM2"
|
||||||
)
|
)
|
||||||
|
|
||||||
// DataKeyPairSpec_Values returns all elements of the DataKeyPairSpec enum
|
// DataKeyPairSpec_Values returns all elements of the DataKeyPairSpec enum
|
||||||
@ -18672,6 +18882,7 @@ func DataKeyPairSpec_Values() []string {
|
|||||||
DataKeyPairSpecEccNistP384,
|
DataKeyPairSpecEccNistP384,
|
||||||
DataKeyPairSpecEccNistP521,
|
DataKeyPairSpecEccNistP521,
|
||||||
DataKeyPairSpecEccSecgP256k1,
|
DataKeyPairSpecEccSecgP256k1,
|
||||||
|
DataKeyPairSpecSm2,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -18700,6 +18911,9 @@ const (
|
|||||||
|
|
||||||
// EncryptionAlgorithmSpecRsaesOaepSha256 is a EncryptionAlgorithmSpec enum value
|
// EncryptionAlgorithmSpecRsaesOaepSha256 is a EncryptionAlgorithmSpec enum value
|
||||||
EncryptionAlgorithmSpecRsaesOaepSha256 = "RSAES_OAEP_SHA_256"
|
EncryptionAlgorithmSpecRsaesOaepSha256 = "RSAES_OAEP_SHA_256"
|
||||||
|
|
||||||
|
// EncryptionAlgorithmSpecSm2pke is a EncryptionAlgorithmSpec enum value
|
||||||
|
EncryptionAlgorithmSpecSm2pke = "SM2PKE"
|
||||||
)
|
)
|
||||||
|
|
||||||
// EncryptionAlgorithmSpec_Values returns all elements of the EncryptionAlgorithmSpec enum
|
// EncryptionAlgorithmSpec_Values returns all elements of the EncryptionAlgorithmSpec enum
|
||||||
@ -18708,6 +18922,7 @@ func EncryptionAlgorithmSpec_Values() []string {
|
|||||||
EncryptionAlgorithmSpecSymmetricDefault,
|
EncryptionAlgorithmSpecSymmetricDefault,
|
||||||
EncryptionAlgorithmSpecRsaesOaepSha1,
|
EncryptionAlgorithmSpecRsaesOaepSha1,
|
||||||
EncryptionAlgorithmSpecRsaesOaepSha256,
|
EncryptionAlgorithmSpecRsaesOaepSha256,
|
||||||
|
EncryptionAlgorithmSpecSm2pke,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -18851,6 +19066,9 @@ const (
|
|||||||
|
|
||||||
// KeySpecHmac512 is a KeySpec enum value
|
// KeySpecHmac512 is a KeySpec enum value
|
||||||
KeySpecHmac512 = "HMAC_512"
|
KeySpecHmac512 = "HMAC_512"
|
||||||
|
|
||||||
|
// KeySpecSm2 is a KeySpec enum value
|
||||||
|
KeySpecSm2 = "SM2"
|
||||||
)
|
)
|
||||||
|
|
||||||
// KeySpec_Values returns all elements of the KeySpec enum
|
// KeySpec_Values returns all elements of the KeySpec enum
|
||||||
@ -18868,6 +19086,7 @@ func KeySpec_Values() []string {
|
|||||||
KeySpecHmac256,
|
KeySpecHmac256,
|
||||||
KeySpecHmac384,
|
KeySpecHmac384,
|
||||||
KeySpecHmac512,
|
KeySpecHmac512,
|
||||||
|
KeySpecSm2,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -19034,6 +19253,9 @@ const (
|
|||||||
|
|
||||||
// SigningAlgorithmSpecEcdsaSha512 is a SigningAlgorithmSpec enum value
|
// SigningAlgorithmSpecEcdsaSha512 is a SigningAlgorithmSpec enum value
|
||||||
SigningAlgorithmSpecEcdsaSha512 = "ECDSA_SHA_512"
|
SigningAlgorithmSpecEcdsaSha512 = "ECDSA_SHA_512"
|
||||||
|
|
||||||
|
// SigningAlgorithmSpecSm2dsa is a SigningAlgorithmSpec enum value
|
||||||
|
SigningAlgorithmSpecSm2dsa = "SM2DSA"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SigningAlgorithmSpec_Values returns all elements of the SigningAlgorithmSpec enum
|
// SigningAlgorithmSpec_Values returns all elements of the SigningAlgorithmSpec enum
|
||||||
@ -19048,6 +19270,7 @@ func SigningAlgorithmSpec_Values() []string {
|
|||||||
SigningAlgorithmSpecEcdsaSha256,
|
SigningAlgorithmSpecEcdsaSha256,
|
||||||
SigningAlgorithmSpecEcdsaSha384,
|
SigningAlgorithmSpecEcdsaSha384,
|
||||||
SigningAlgorithmSpecEcdsaSha512,
|
SigningAlgorithmSpecEcdsaSha512,
|
||||||
|
SigningAlgorithmSpecSm2dsa,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -14,7 +14,7 @@ github.com/armon/go-metrics
|
|||||||
# github.com/armon/go-radix v1.0.0
|
# github.com/armon/go-radix v1.0.0
|
||||||
## explicit
|
## explicit
|
||||||
github.com/armon/go-radix
|
github.com/armon/go-radix
|
||||||
# github.com/aws/aws-sdk-go v1.44.28
|
# github.com/aws/aws-sdk-go v1.44.62
|
||||||
## explicit; go 1.11
|
## explicit; go 1.11
|
||||||
github.com/aws/aws-sdk-go/aws
|
github.com/aws/aws-sdk-go/aws
|
||||||
github.com/aws/aws-sdk-go/aws/awserr
|
github.com/aws/aws-sdk-go/aws/awserr
|
||||||
|
Loading…
Reference in New Issue
Block a user