|
554 | 554 | {"shape":"NotFoundException"},
|
555 | 555 | {"shape":"DependencyTimeoutException"},
|
556 | 556 | {"shape":"InvalidMarkerException"},
|
| 557 | + {"shape":"InvalidGrantIdException"}, |
557 | 558 | {"shape":"InvalidArnException"},
|
558 | 559 | {"shape":"KMSInternalException"},
|
559 | 560 | {"shape":"KMSInvalidStateException"}
|
560 | 561 | ],
|
561 |
| - "documentation":"<p>Gets a list of all grants for the specified customer master key (CMK).</p> <note> <p>The <code>GranteePrincipal</code> field in the <code>ListGrants</code> response usually contains the user or role designated as the grantee principal in the grant. However, when the grantee principal in the grant is an AWS service, the <code>GranteePrincipal</code> field contains the <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services\">service principal</a>, which might represent several different grantee principals.</p> </note> <p> <b>Cross-account use</b>: Yes. To perform this operation on a CMK in a different AWS account, specify the key ARN in the value of the <code>KeyId</code> parameter.</p> <p> <b>Required permissions</b>: <a href=\"https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html\">kms:ListGrants</a> (key policy)</p> <p> <b>Related operations:</b> </p> <ul> <li> <p> <a>CreateGrant</a> </p> </li> <li> <p> <a>ListRetirableGrants</a> </p> </li> <li> <p> <a>RetireGrant</a> </p> </li> <li> <p> <a>RevokeGrant</a> </p> </li> </ul>" |
| 562 | + "documentation":"<p>Gets a list of all grants for the specified customer master key (CMK). </p> <p>You must specify the CMK in all requests. You can filter the grant list by grant ID or grantee principal.</p> <note> <p>The <code>GranteePrincipal</code> field in the <code>ListGrants</code> response usually contains the user or role designated as the grantee principal in the grant. However, when the grantee principal in the grant is an AWS service, the <code>GranteePrincipal</code> field contains the <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services\">service principal</a>, which might represent several different grantee principals.</p> </note> <p> <b>Cross-account use</b>: Yes. To perform this operation on a CMK in a different AWS account, specify the key ARN in the value of the <code>KeyId</code> parameter.</p> <p> <b>Required permissions</b>: <a href=\"https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html\">kms:ListGrants</a> (key policy)</p> <p> <b>Related operations:</b> </p> <ul> <li> <p> <a>CreateGrant</a> </p> </li> <li> <p> <a>ListRetirableGrants</a> </p> </li> <li> <p> <a>RetireGrant</a> </p> </li> <li> <p> <a>RevokeGrant</a> </p> </li> </ul>" |
562 | 563 | },
|
563 | 564 | "ListKeyPolicies":{
|
564 | 565 | "name":"ListKeyPolicies",
|
|
872 | 873 | },
|
873 | 874 | "TargetKeyId":{
|
874 | 875 | "shape":"KeyIdType",
|
875 |
| - "documentation":"<p>String that contains the key identifier of the CMK associated with the alias.</p>" |
876 |
| - }, |
877 |
| - "CreationDate":{ |
878 |
| - "shape":"DateType", |
879 |
| - "documentation":"<p>Date and time that the alias was most recently created in the account and Region. Formatted as Unix time.</p>" |
| 876 | + "documentation":"<p>String that contains the key identifier referred to by the alias.</p>" |
880 | 877 | },
|
881 |
| - "LastUpdatedDate":{ |
882 |
| - "shape":"DateType", |
883 |
| - "documentation":"<p>Date and time that the alias was most recently associated with a CMK in the account and Region. Formatted as Unix time.</p>" |
884 |
| - } |
| 878 | + "CreationDate":{"shape":"DateType"}, |
| 879 | + "LastUpdatedDate":{"shape":"DateType"} |
885 | 880 | },
|
886 | 881 | "documentation":"<p>Contains information about an alias.</p>"
|
887 | 882 | },
|
|
1113 | 1108 | },
|
1114 | 1109 | "GrantId":{
|
1115 | 1110 | "shape":"GrantIdType",
|
1116 |
| - "documentation":"<p>The unique identifier for the grant.</p> <p>You can use the <code>GrantId</code> in a subsequent <a>RetireGrant</a> or <a>RevokeGrant</a> operation.</p>" |
| 1111 | + "documentation":"<p>The unique identifier for the grant.</p> <p>You can use the <code>GrantId</code> in a <a>ListGrants</a>, <a>RetireGrant</a>, or <a>RevokeGrant</a> operation.</p>" |
1117 | 1112 | }
|
1118 | 1113 | }
|
1119 | 1114 | },
|
|
2359 | 2354 | },
|
2360 | 2355 | "KeyId":{
|
2361 | 2356 | "shape":"KeyIdType",
|
2362 |
| - "documentation":"<p>A unique identifier for the customer master key (CMK).</p> <p>Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.</p> <p>For example:</p> <ul> <li> <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> </ul> <p>To get the key ID and key ARN for a CMK, use <a>ListKeys</a> or <a>DescribeKey</a>.</p>" |
| 2357 | + "documentation":"<p>Returns only grants for the specified customer master key (CMK). This parameter is required.</p> <p>Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.</p> <p>For example:</p> <ul> <li> <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> </ul> <p>To get the key ID and key ARN for a CMK, use <a>ListKeys</a> or <a>DescribeKey</a>.</p>" |
| 2358 | + }, |
| 2359 | + "GrantId":{ |
| 2360 | + "shape":"GrantIdType", |
| 2361 | + "documentation":"<p>Returns only the grant with the specified grant ID. The grant ID uniquely identifies the grant. </p>" |
| 2362 | + }, |
| 2363 | + "GranteePrincipal":{ |
| 2364 | + "shape":"PrincipalIdType", |
| 2365 | + "documentation":"<p>Returns only grants where the specified principal is the grantee principal for the grant.</p>" |
2363 | 2366 | }
|
2364 | 2367 | }
|
2365 | 2368 | },
|
|
0 commit comments