Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AlgorithmSpec

type AlgorithmSpec string
const (
	AlgorithmSpecRsaesPkcs1V15   AlgorithmSpec = "RSAES_PKCS1_V1_5"
	AlgorithmSpecRsaesOaepSha1   AlgorithmSpec = "RSAES_OAEP_SHA_1"
	AlgorithmSpecRsaesOaepSha256 AlgorithmSpec = "RSAES_OAEP_SHA_256"
)

    Enum values for AlgorithmSpec

    func (AlgorithmSpec) Values

    func (AlgorithmSpec) Values() []AlgorithmSpec

      Values returns all known values for AlgorithmSpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

      type AliasListEntry

      type AliasListEntry struct {
      
      	// String that contains the key ARN.
      	AliasArn *string
      
      	// String that contains the alias. This value begins with alias/.
      	AliasName *string
      
      	// Date and time that the alias was most recently created in the account and
      	// Region. Formatted as Unix time.
      	CreationDate *time.Time
      
      	// Date and time that the alias was most recently associated with a CMK in the
      	// account and Region. Formatted as Unix time.
      	LastUpdatedDate *time.Time
      
      	// String that contains the key identifier of the CMK associated with the alias.
      	TargetKeyId *string
      }

        Contains information about an alias.

        type AlreadyExistsException

        type AlreadyExistsException struct {
        	Message *string
        }

          The request was rejected because it attempted to create a resource that already exists.

          func (*AlreadyExistsException) Error

          func (e *AlreadyExistsException) Error() string

          func (*AlreadyExistsException) ErrorCode

          func (e *AlreadyExistsException) ErrorCode() string

          func (*AlreadyExistsException) ErrorFault

          func (e *AlreadyExistsException) ErrorFault() smithy.ErrorFault

          func (*AlreadyExistsException) ErrorMessage

          func (e *AlreadyExistsException) ErrorMessage() string

          type CloudHsmClusterInUseException

          type CloudHsmClusterInUseException struct {
          	Message *string
          }

            The request was rejected because the specified AWS CloudHSM cluster is already associated with a custom key store or it shares a backup history with a cluster that is associated with a custom key store. Each custom key store must be associated with a different AWS CloudHSM cluster. Clusters that share a backup history have the same cluster certificate. To view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) operation.

            func (*CloudHsmClusterInUseException) Error

            func (*CloudHsmClusterInUseException) ErrorCode

            func (e *CloudHsmClusterInUseException) ErrorCode() string

            func (*CloudHsmClusterInUseException) ErrorFault

            func (*CloudHsmClusterInUseException) ErrorMessage

            func (e *CloudHsmClusterInUseException) ErrorMessage() string

            type CloudHsmClusterInvalidConfigurationException

            type CloudHsmClusterInvalidConfigurationException struct {
            	Message *string
            }

              The request was rejected because the associated AWS CloudHSM cluster did not meet the configuration requirements for a custom key store.

              * The cluster must be configured with private subnets in at least two different Availability Zones in the Region.

              * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) (cloudhsm-cluster--sg) must include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The Source in the inbound rules and the Destination in the outbound rules must match the security group ID. These rules are set by default when you create the cluster. Do not delete or change them. To get information about a particular security group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) operation.

              * The cluster must contain at least as many HSMs as the operation requires. To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, the AWS CloudHSM cluster must have at least two active HSMs, each in a different Availability Zone. For the ConnectCustomKeyStore operation, the AWS CloudHSM must contain at least one active HSM.

              For information about the requirements for an AWS CloudHSM cluster that is associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) in the AWS Key Management Service Developer Guide. For information about creating a private subnet for an AWS CloudHSM cluster, see Create a Private Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) in the AWS CloudHSM User Guide. For information about cluster security groups, see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) in the AWS CloudHSM User Guide .

              func (*CloudHsmClusterInvalidConfigurationException) Error

              func (*CloudHsmClusterInvalidConfigurationException) ErrorCode

              func (*CloudHsmClusterInvalidConfigurationException) ErrorFault

              func (*CloudHsmClusterInvalidConfigurationException) ErrorMessage

              type CloudHsmClusterNotActiveException

              type CloudHsmClusterNotActiveException struct {
              	Message *string
              }

                The request was rejected because the AWS CloudHSM cluster that is associated with the custom key store is not active. Initialize and activate the cluster and try the command again. For detailed instructions, see Getting Started (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) in the AWS CloudHSM User Guide.

                func (*CloudHsmClusterNotActiveException) Error

                func (*CloudHsmClusterNotActiveException) ErrorCode

                func (*CloudHsmClusterNotActiveException) ErrorFault

                func (*CloudHsmClusterNotActiveException) ErrorMessage

                func (e *CloudHsmClusterNotActiveException) ErrorMessage() string

                type CloudHsmClusterNotFoundException

                type CloudHsmClusterNotFoundException struct {
                	Message *string
                }

                  The request was rejected because AWS KMS cannot find the AWS CloudHSM cluster with the specified cluster ID. Retry the request with a different cluster ID.

                  func (*CloudHsmClusterNotFoundException) Error

                  func (*CloudHsmClusterNotFoundException) ErrorCode

                  func (*CloudHsmClusterNotFoundException) ErrorFault

                  func (*CloudHsmClusterNotFoundException) ErrorMessage

                  func (e *CloudHsmClusterNotFoundException) ErrorMessage() string

                  type CloudHsmClusterNotRelatedException

                  type CloudHsmClusterNotRelatedException struct {
                  	Message *string
                  }

                    The request was rejected because the specified AWS CloudHSM cluster has a different cluster certificate than the original cluster. You cannot use the operation to specify an unrelated cluster. Specify a cluster that shares a backup history with the original cluster. This includes clusters that were created from a backup of the current cluster, and clusters that were created from the same backup that produced the current cluster. Clusters that share a backup history have the same cluster certificate. To view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) operation.

                    func (*CloudHsmClusterNotRelatedException) Error

                    func (*CloudHsmClusterNotRelatedException) ErrorCode

                    func (*CloudHsmClusterNotRelatedException) ErrorFault

                    func (*CloudHsmClusterNotRelatedException) ErrorMessage

                    func (e *CloudHsmClusterNotRelatedException) ErrorMessage() string

                    type ConnectionErrorCodeType

                    type ConnectionErrorCodeType string
                    const (
                    	ConnectionErrorCodeTypeInvalidCredentials       ConnectionErrorCodeType = "INVALID_CREDENTIALS"
                    	ConnectionErrorCodeTypeClusterNotFound          ConnectionErrorCodeType = "CLUSTER_NOT_FOUND"
                    	ConnectionErrorCodeTypeNetworkErrors            ConnectionErrorCodeType = "NETWORK_ERRORS"
                    	ConnectionErrorCodeTypeInternalError            ConnectionErrorCodeType = "INTERNAL_ERROR"
                    	ConnectionErrorCodeTypeInsufficientCloudhsmHsms ConnectionErrorCodeType = "INSUFFICIENT_CLOUDHSM_HSMS"
                    	ConnectionErrorCodeTypeUserLockedOut            ConnectionErrorCodeType = "USER_LOCKED_OUT"
                    	ConnectionErrorCodeTypeUserNotFound             ConnectionErrorCodeType = "USER_NOT_FOUND"
                    	ConnectionErrorCodeTypeUserLoggedIn             ConnectionErrorCodeType = "USER_LOGGED_IN"
                    	ConnectionErrorCodeTypeSubnetNotFound           ConnectionErrorCodeType = "SUBNET_NOT_FOUND"
                    )

                      Enum values for ConnectionErrorCodeType

                      func (ConnectionErrorCodeType) Values

                        Values returns all known values for ConnectionErrorCodeType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                        type ConnectionStateType

                        type ConnectionStateType string
                        const (
                        	ConnectionStateTypeConnected     ConnectionStateType = "CONNECTED"
                        	ConnectionStateTypeConnecting    ConnectionStateType = "CONNECTING"
                        	ConnectionStateTypeFailed        ConnectionStateType = "FAILED"
                        	ConnectionStateTypeDisconnected  ConnectionStateType = "DISCONNECTED"
                        	ConnectionStateTypeDisconnecting ConnectionStateType = "DISCONNECTING"
                        )

                          Enum values for ConnectionStateType

                          func (ConnectionStateType) Values

                            Values returns all known values for ConnectionStateType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                            type CustomKeyStoreHasCMKsException

                            type CustomKeyStoreHasCMKsException struct {
                            	Message *string
                            }

                              The request was rejected because the custom key store contains AWS KMS customer master keys (CMKs). After verifying that you do not need to use the CMKs, use the ScheduleKeyDeletion operation to delete the CMKs. After they are deleted, you can delete the custom key store.

                              func (*CustomKeyStoreHasCMKsException) Error

                              func (*CustomKeyStoreHasCMKsException) ErrorCode

                              func (e *CustomKeyStoreHasCMKsException) ErrorCode() string

                              func (*CustomKeyStoreHasCMKsException) ErrorFault

                              func (*CustomKeyStoreHasCMKsException) ErrorMessage

                              func (e *CustomKeyStoreHasCMKsException) ErrorMessage() string

                              type CustomKeyStoreInvalidStateException

                              type CustomKeyStoreInvalidStateException struct {
                              	Message *string
                              }

                                The request was rejected because of the ConnectionState of the custom key store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores operation. This exception is thrown under the following conditions:

                                * You requested the CreateKey or GenerateRandom operation in a custom key store that is not connected. These operations are valid only when the custom key store ConnectionState is CONNECTED.

                                * You requested the UpdateCustomKeyStore or DeleteCustomKeyStore operation on a custom key store that is not disconnected. This operation is valid only when the custom key store ConnectionState is DISCONNECTED.

                                * You requested the ConnectCustomKeyStore operation on a custom key store with a ConnectionState of DISCONNECTING or FAILED. This operation is valid for all other ConnectionState values.

                                func (*CustomKeyStoreInvalidStateException) Error

                                func (*CustomKeyStoreInvalidStateException) ErrorCode

                                func (*CustomKeyStoreInvalidStateException) ErrorFault

                                func (*CustomKeyStoreInvalidStateException) ErrorMessage

                                func (e *CustomKeyStoreInvalidStateException) ErrorMessage() string

                                type CustomKeyStoreNameInUseException

                                type CustomKeyStoreNameInUseException struct {
                                	Message *string
                                }

                                  The request was rejected because the specified custom key store name is already assigned to another custom key store in the account. Try again with a custom key store name that is unique in the account.

                                  func (*CustomKeyStoreNameInUseException) Error

                                  func (*CustomKeyStoreNameInUseException) ErrorCode

                                  func (*CustomKeyStoreNameInUseException) ErrorFault

                                  func (*CustomKeyStoreNameInUseException) ErrorMessage

                                  func (e *CustomKeyStoreNameInUseException) ErrorMessage() string

                                  type CustomKeyStoreNotFoundException

                                  type CustomKeyStoreNotFoundException struct {
                                  	Message *string
                                  }

                                    The request was rejected because AWS KMS cannot find a custom key store with the specified key store name or ID.

                                    func (*CustomKeyStoreNotFoundException) Error

                                    func (*CustomKeyStoreNotFoundException) ErrorCode

                                    func (e *CustomKeyStoreNotFoundException) ErrorCode() string

                                    func (*CustomKeyStoreNotFoundException) ErrorFault

                                    func (*CustomKeyStoreNotFoundException) ErrorMessage

                                    func (e *CustomKeyStoreNotFoundException) ErrorMessage() string

                                    type CustomKeyStoresListEntry

                                    type CustomKeyStoresListEntry struct {
                                    
                                    	// A unique identifier for the AWS CloudHSM cluster that is associated with the
                                    	// custom key store.
                                    	CloudHsmClusterId *string
                                    
                                    	// Describes the connection error. This field appears in the response only when the
                                    	// ConnectionState is FAILED. For help resolving these errors, see How to Fix a
                                    	// Connection Failure
                                    	// (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed)
                                    	// in AWS Key Management Service Developer Guide. Valid values are:
                                    	//
                                    	// *
                                    	// CLUSTER_NOT_FOUND - AWS KMS cannot find the AWS CloudHSM cluster with the
                                    	// specified cluster ID.
                                    	//
                                    	// * INSUFFICIENT_CLOUDHSM_HSMS - The associated AWS
                                    	// CloudHSM cluster does not contain any active HSMs. To connect a custom key store
                                    	// to its AWS CloudHSM cluster, the cluster must contain at least one active
                                    	// HSM.
                                    	//
                                    	// * INTERNAL_ERROR - AWS KMS could not complete the request due to an
                                    	// internal error. Retry the request. For ConnectCustomKeyStore requests,
                                    	// disconnect the custom key store before trying to connect again.
                                    	//
                                    	// *
                                    	// INVALID_CREDENTIALS - AWS KMS does not have the correct password for the kmsuser
                                    	// crypto user in the AWS CloudHSM cluster. Before you can connect your custom key
                                    	// store to its AWS CloudHSM cluster, you must change the kmsuser account password
                                    	// and update the key store password value for the custom key store.
                                    	//
                                    	// *
                                    	// NETWORK_ERRORS - Network errors are preventing AWS KMS from connecting to the
                                    	// custom key store.
                                    	//
                                    	// * SUBNET_NOT_FOUND - A subnet in the AWS CloudHSM cluster
                                    	// configuration was deleted. If AWS KMS cannot find all of the subnets in the
                                    	// cluster configuration, attempts to connect the custom key store to the AWS
                                    	// CloudHSM cluster fail. To fix this error, create a cluster from a recent backup
                                    	// and associate it with your custom key store. (This process creates a new cluster
                                    	// configuration with a VPC and private subnets.) For details, see How to Fix a
                                    	// Connection Failure
                                    	// (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed)
                                    	// in the AWS Key Management Service Developer Guide.
                                    	//
                                    	// * USER_LOCKED_OUT - The
                                    	// kmsuser CU account is locked out of the associated AWS CloudHSM cluster due to
                                    	// too many failed password attempts. Before you can connect your custom key store
                                    	// to its AWS CloudHSM cluster, you must change the kmsuser account password and
                                    	// update the key store password value for the custom key store.
                                    	//
                                    	// * USER_LOGGED_IN
                                    	// - The kmsuser CU account is logged into the the associated AWS CloudHSM cluster.
                                    	// This prevents AWS KMS from rotating the kmsuser account password and logging
                                    	// into the cluster. Before you can connect your custom key store to its AWS
                                    	// CloudHSM cluster, you must log the kmsuser CU out of the cluster. If you changed
                                    	// the kmsuser password to log into the cluster, you must also and update the key
                                    	// store password value for the custom key store. For help, see How to Log Out and
                                    	// Reconnect
                                    	// (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#login-kmsuser-2)
                                    	// in the AWS Key Management Service Developer Guide.
                                    	//
                                    	// * USER_NOT_FOUND - AWS KMS
                                    	// cannot find a kmsuser CU account in the associated AWS CloudHSM cluster. Before
                                    	// you can connect your custom key store to its AWS CloudHSM cluster, you must
                                    	// create a kmsuser CU account in the cluster, and then update the key store
                                    	// password value for the custom key store.
                                    	ConnectionErrorCode ConnectionErrorCodeType
                                    
                                    	// Indicates whether the custom key store is connected to its AWS CloudHSM cluster.
                                    	// You can create and use CMKs in your custom key stores only when its connection
                                    	// state is CONNECTED. The value is DISCONNECTED if the key store has never been
                                    	// connected or you use the DisconnectCustomKeyStore operation to disconnect it. If
                                    	// the value is CONNECTED but you are having trouble using the custom key store,
                                    	// make sure that its associated AWS CloudHSM cluster is active and contains at
                                    	// least one active HSM. A value of FAILED indicates that an attempt to connect was
                                    	// unsuccessful. The ConnectionErrorCode field in the response indicates the cause
                                    	// of the failure. For help resolving a connection failure, see Troubleshooting a
                                    	// Custom Key Store
                                    	// (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) in the
                                    	// AWS Key Management Service Developer Guide.
                                    	ConnectionState ConnectionStateType
                                    
                                    	// The date and time when the custom key store was created.
                                    	CreationDate *time.Time
                                    
                                    	// A unique identifier for the custom key store.
                                    	CustomKeyStoreId *string
                                    
                                    	// The user-specified friendly name for the custom key store.
                                    	CustomKeyStoreName *string
                                    
                                    	// The trust anchor certificate of the associated AWS CloudHSM cluster. When you
                                    	// initialize the cluster
                                    	// (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr),
                                    	// you create this certificate and save it in the customerCA.crt file.
                                    	TrustAnchorCertificate *string
                                    }

                                      Contains information about each custom key store in the custom key store list.

                                      type CustomerMasterKeySpec

                                      type CustomerMasterKeySpec string
                                      const (
                                      	CustomerMasterKeySpecRsa2048          CustomerMasterKeySpec = "RSA_2048"
                                      	CustomerMasterKeySpecRsa3072          CustomerMasterKeySpec = "RSA_3072"
                                      	CustomerMasterKeySpecRsa4096          CustomerMasterKeySpec = "RSA_4096"
                                      	CustomerMasterKeySpecEccNistP256      CustomerMasterKeySpec = "ECC_NIST_P256"
                                      	CustomerMasterKeySpecEccNistP384      CustomerMasterKeySpec = "ECC_NIST_P384"
                                      	CustomerMasterKeySpecEccNistP521      CustomerMasterKeySpec = "ECC_NIST_P521"
                                      	CustomerMasterKeySpecEccSecgP256k1    CustomerMasterKeySpec = "ECC_SECG_P256K1"
                                      	CustomerMasterKeySpecSymmetricDefault CustomerMasterKeySpec = "SYMMETRIC_DEFAULT"
                                      )

                                        Enum values for CustomerMasterKeySpec

                                        func (CustomerMasterKeySpec) Values

                                          Values returns all known values for CustomerMasterKeySpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                          type DataKeyPairSpec

                                          type DataKeyPairSpec string
                                          const (
                                          	DataKeyPairSpecRsa2048       DataKeyPairSpec = "RSA_2048"
                                          	DataKeyPairSpecRsa3072       DataKeyPairSpec = "RSA_3072"
                                          	DataKeyPairSpecRsa4096       DataKeyPairSpec = "RSA_4096"
                                          	DataKeyPairSpecEccNistP256   DataKeyPairSpec = "ECC_NIST_P256"
                                          	DataKeyPairSpecEccNistP384   DataKeyPairSpec = "ECC_NIST_P384"
                                          	DataKeyPairSpecEccNistP521   DataKeyPairSpec = "ECC_NIST_P521"
                                          	DataKeyPairSpecEccSecgP256k1 DataKeyPairSpec = "ECC_SECG_P256K1"
                                          )

                                            Enum values for DataKeyPairSpec

                                            func (DataKeyPairSpec) Values

                                            func (DataKeyPairSpec) Values() []DataKeyPairSpec

                                              Values returns all known values for DataKeyPairSpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                              type DataKeySpec

                                              type DataKeySpec string
                                              const (
                                              	DataKeySpecAes256 DataKeySpec = "AES_256"
                                              	DataKeySpecAes128 DataKeySpec = "AES_128"
                                              )

                                                Enum values for DataKeySpec

                                                func (DataKeySpec) Values

                                                func (DataKeySpec) Values() []DataKeySpec

                                                  Values returns all known values for DataKeySpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                  type DependencyTimeoutException

                                                  type DependencyTimeoutException struct {
                                                  	Message *string
                                                  }

                                                    The system timed out while trying to fulfill the request. The request can be retried.

                                                    func (*DependencyTimeoutException) Error

                                                    func (*DependencyTimeoutException) ErrorCode

                                                    func (e *DependencyTimeoutException) ErrorCode() string

                                                    func (*DependencyTimeoutException) ErrorFault

                                                    func (*DependencyTimeoutException) ErrorMessage

                                                    func (e *DependencyTimeoutException) ErrorMessage() string

                                                    type DisabledException

                                                    type DisabledException struct {
                                                    	Message *string
                                                    }

                                                      The request was rejected because the specified CMK is not enabled.

                                                      func (*DisabledException) Error

                                                      func (e *DisabledException) Error() string

                                                      func (*DisabledException) ErrorCode

                                                      func (e *DisabledException) ErrorCode() string

                                                      func (*DisabledException) ErrorFault

                                                      func (e *DisabledException) ErrorFault() smithy.ErrorFault

                                                      func (*DisabledException) ErrorMessage

                                                      func (e *DisabledException) ErrorMessage() string

                                                      type EncryptionAlgorithmSpec

                                                      type EncryptionAlgorithmSpec string
                                                      const (
                                                      	EncryptionAlgorithmSpecSymmetricDefault EncryptionAlgorithmSpec = "SYMMETRIC_DEFAULT"
                                                      	EncryptionAlgorithmSpecRsaesOaepSha1    EncryptionAlgorithmSpec = "RSAES_OAEP_SHA_1"
                                                      	EncryptionAlgorithmSpecRsaesOaepSha256  EncryptionAlgorithmSpec = "RSAES_OAEP_SHA_256"
                                                      )

                                                        Enum values for EncryptionAlgorithmSpec

                                                        func (EncryptionAlgorithmSpec) Values

                                                          Values returns all known values for EncryptionAlgorithmSpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                          type ExpirationModelType

                                                          type ExpirationModelType string
                                                          const (
                                                          	ExpirationModelTypeKeyMaterialExpires       ExpirationModelType = "KEY_MATERIAL_EXPIRES"
                                                          	ExpirationModelTypeKeyMaterialDoesNotExpire ExpirationModelType = "KEY_MATERIAL_DOES_NOT_EXPIRE"
                                                          )

                                                            Enum values for ExpirationModelType

                                                            func (ExpirationModelType) Values

                                                              Values returns all known values for ExpirationModelType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                              type ExpiredImportTokenException

                                                              type ExpiredImportTokenException struct {
                                                              	Message *string
                                                              }

                                                                The request was rejected because the specified import token is expired. Use GetParametersForImport to get a new import token and public key, use the new public key to encrypt the key material, and then try the request again.

                                                                func (*ExpiredImportTokenException) Error

                                                                func (*ExpiredImportTokenException) ErrorCode

                                                                func (e *ExpiredImportTokenException) ErrorCode() string

                                                                func (*ExpiredImportTokenException) ErrorFault

                                                                func (*ExpiredImportTokenException) ErrorMessage

                                                                func (e *ExpiredImportTokenException) ErrorMessage() string

                                                                type GrantConstraints

                                                                type GrantConstraints struct {
                                                                
                                                                	// A list of key-value pairs that must match the encryption context in the
                                                                	// cryptographic operation
                                                                	// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
                                                                	// request. The grant allows the operation only when the encryption context in the
                                                                	// request is the same as the encryption context specified in this constraint.
                                                                	EncryptionContextEquals map[string]string
                                                                
                                                                	// A list of key-value pairs that must be included in the encryption context of the
                                                                	// cryptographic operation
                                                                	// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
                                                                	// request. The grant allows the cryptographic operation only when the encryption
                                                                	// context in the request includes the key-value pairs specified in this
                                                                	// constraint, although it can include additional key-value pairs.
                                                                	EncryptionContextSubset map[string]string
                                                                }

                                                                  Use this structure to allow cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) in the grant only when the operation request includes the specified encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context). AWS KMS applies the grant constraints only to cryptographic operations that support an encryption context, that is, all cryptographic operations with a symmetric CMK (https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#symmetric-cmks). Grant constraints are not applied to operations that do not support an encryption context, such as cryptographic operations with asymmetric CMKs and management operations, such as DescribeKey or RetireGrant. In a cryptographic operation, the encryption context in the decryption operation must be an exact, case-sensitive match for the keys and values in the encryption context of the encryption operation. Only the order of the pairs can vary. However, in a grant constraint, the key in each key-value pair is not case sensitive, but the value is case sensitive. To avoid confusion, do not use multiple encryption context pairs that differ only by case. To require a fully case-sensitive encryption context, use the kms:EncryptionContext: and kms:EncryptionContextKeys conditions in an IAM or key policy. For details, see kms:EncryptionContext: (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-context) in the AWS Key Management Service Developer Guide .

                                                                  type GrantListEntry

                                                                  type GrantListEntry struct {
                                                                  
                                                                  	// A list of key-value pairs that must be present in the encryption context of
                                                                  	// certain subsequent operations that the grant allows.
                                                                  	Constraints *GrantConstraints
                                                                  
                                                                  	// The date and time when the grant was created.
                                                                  	CreationDate *time.Time
                                                                  
                                                                  	// The unique identifier for the grant.
                                                                  	GrantId *string
                                                                  
                                                                  	// The identity that gets the permissions in the grant. The GranteePrincipal field
                                                                  	// in the ListGrants response usually contains the user or role designated as the
                                                                  	// grantee principal in the grant. However, when the grantee principal in the grant
                                                                  	// is an AWS service, the GranteePrincipal field contains the service principal
                                                                  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services),
                                                                  	// which might represent several different grantee principals.
                                                                  	GranteePrincipal *string
                                                                  
                                                                  	// The AWS account under which the grant was issued.
                                                                  	IssuingAccount *string
                                                                  
                                                                  	// The unique identifier for the customer master key (CMK) to which the grant
                                                                  	// applies.
                                                                  	KeyId *string
                                                                  
                                                                  	// The friendly name that identifies the grant. If a name was provided in the
                                                                  	// CreateGrant request, that name is returned. Otherwise this value is null.
                                                                  	Name *string
                                                                  
                                                                  	// The list of operations permitted by the grant.
                                                                  	Operations []GrantOperation
                                                                  
                                                                  	// The principal that can retire the grant.
                                                                  	RetiringPrincipal *string
                                                                  }

                                                                    Contains information about a grant.

                                                                    type GrantOperation

                                                                    type GrantOperation string
                                                                    const (
                                                                    	GrantOperationDecrypt                             GrantOperation = "Decrypt"
                                                                    	GrantOperationEncrypt                             GrantOperation = "Encrypt"
                                                                    	GrantOperationGenerateDataKey                     GrantOperation = "GenerateDataKey"
                                                                    	GrantOperationGenerateDataKeyWithoutPlaintext     GrantOperation = "GenerateDataKeyWithoutPlaintext"
                                                                    	GrantOperationReEncryptFrom                       GrantOperation = "ReEncryptFrom"
                                                                    	GrantOperationReEncryptTo                         GrantOperation = "ReEncryptTo"
                                                                    	GrantOperationSign                                GrantOperation = "Sign"
                                                                    	GrantOperationVerify                              GrantOperation = "Verify"
                                                                    	GrantOperationGetPublicKey                        GrantOperation = "GetPublicKey"
                                                                    	GrantOperationCreateGrant                         GrantOperation = "CreateGrant"
                                                                    	GrantOperationRetireGrant                         GrantOperation = "RetireGrant"
                                                                    	GrantOperationDescribeKey                         GrantOperation = "DescribeKey"
                                                                    	GrantOperationGenerateDataKeyPair                 GrantOperation = "GenerateDataKeyPair"
                                                                    	GrantOperationGenerateDataKeyPairWithoutPlaintext GrantOperation = "GenerateDataKeyPairWithoutPlaintext"
                                                                    )

                                                                      Enum values for GrantOperation

                                                                      func (GrantOperation) Values

                                                                      func (GrantOperation) Values() []GrantOperation

                                                                        Values returns all known values for GrantOperation. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                        type IncorrectKeyException

                                                                        type IncorrectKeyException struct {
                                                                        	Message *string
                                                                        }

                                                                          The request was rejected because the specified CMK cannot decrypt the data. The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request must identify the same CMK that was used to encrypt the ciphertext.

                                                                          func (*IncorrectKeyException) Error

                                                                          func (e *IncorrectKeyException) Error() string

                                                                          func (*IncorrectKeyException) ErrorCode

                                                                          func (e *IncorrectKeyException) ErrorCode() string

                                                                          func (*IncorrectKeyException) ErrorFault

                                                                          func (e *IncorrectKeyException) ErrorFault() smithy.ErrorFault

                                                                          func (*IncorrectKeyException) ErrorMessage

                                                                          func (e *IncorrectKeyException) ErrorMessage() string

                                                                          type IncorrectKeyMaterialException

                                                                          type IncorrectKeyMaterialException struct {
                                                                          	Message *string
                                                                          }

                                                                            The request was rejected because the key material in the request is, expired, invalid, or is not the same key material that was previously imported into this customer master key (CMK).

                                                                            func (*IncorrectKeyMaterialException) Error

                                                                            func (*IncorrectKeyMaterialException) ErrorCode

                                                                            func (e *IncorrectKeyMaterialException) ErrorCode() string

                                                                            func (*IncorrectKeyMaterialException) ErrorFault

                                                                            func (*IncorrectKeyMaterialException) ErrorMessage

                                                                            func (e *IncorrectKeyMaterialException) ErrorMessage() string

                                                                            type IncorrectTrustAnchorException

                                                                            type IncorrectTrustAnchorException struct {
                                                                            	Message *string
                                                                            }

                                                                              The request was rejected because the trust anchor certificate in the request is not the trust anchor certificate for the specified AWS CloudHSM cluster. When you initialize the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), you create the trust anchor certificate and save it in the customerCA.crt file.

                                                                              func (*IncorrectTrustAnchorException) Error

                                                                              func (*IncorrectTrustAnchorException) ErrorCode

                                                                              func (e *IncorrectTrustAnchorException) ErrorCode() string

                                                                              func (*IncorrectTrustAnchorException) ErrorFault

                                                                              func (*IncorrectTrustAnchorException) ErrorMessage

                                                                              func (e *IncorrectTrustAnchorException) ErrorMessage() string

                                                                              type InvalidAliasNameException

                                                                              type InvalidAliasNameException struct {
                                                                              	Message *string
                                                                              }

                                                                                The request was rejected because the specified alias name is not valid.

                                                                                func (*InvalidAliasNameException) Error

                                                                                func (e *InvalidAliasNameException) Error() string

                                                                                func (*InvalidAliasNameException) ErrorCode

                                                                                func (e *InvalidAliasNameException) ErrorCode() string

                                                                                func (*InvalidAliasNameException) ErrorFault

                                                                                func (*InvalidAliasNameException) ErrorMessage

                                                                                func (e *InvalidAliasNameException) ErrorMessage() string

                                                                                type InvalidArnException

                                                                                type InvalidArnException struct {
                                                                                	Message *string
                                                                                }

                                                                                  The request was rejected because a specified ARN, or an ARN in a key policy, is not valid.

                                                                                  func (*InvalidArnException) Error

                                                                                  func (e *InvalidArnException) Error() string

                                                                                  func (*InvalidArnException) ErrorCode

                                                                                  func (e *InvalidArnException) ErrorCode() string

                                                                                  func (*InvalidArnException) ErrorFault

                                                                                  func (e *InvalidArnException) ErrorFault() smithy.ErrorFault

                                                                                  func (*InvalidArnException) ErrorMessage

                                                                                  func (e *InvalidArnException) ErrorMessage() string

                                                                                  type InvalidCiphertextException

                                                                                  type InvalidCiphertextException struct {
                                                                                  	Message *string
                                                                                  }

                                                                                    From the Decrypt or ReEncrypt operation, the request was rejected because the specified ciphertext, or additional authenticated data incorporated into the ciphertext, such as the encryption context, is corrupted, missing, or otherwise invalid. From the ImportKeyMaterial operation, the request was rejected because AWS KMS could not decrypt the encrypted (wrapped) key material.

                                                                                    func (*InvalidCiphertextException) Error

                                                                                    func (*InvalidCiphertextException) ErrorCode

                                                                                    func (e *InvalidCiphertextException) ErrorCode() string

                                                                                    func (*InvalidCiphertextException) ErrorFault

                                                                                    func (*InvalidCiphertextException) ErrorMessage

                                                                                    func (e *InvalidCiphertextException) ErrorMessage() string

                                                                                    type InvalidGrantIdException

                                                                                    type InvalidGrantIdException struct {
                                                                                    	Message *string
                                                                                    }

                                                                                      The request was rejected because the specified GrantId is not valid.

                                                                                      func (*InvalidGrantIdException) Error

                                                                                      func (e *InvalidGrantIdException) Error() string

                                                                                      func (*InvalidGrantIdException) ErrorCode

                                                                                      func (e *InvalidGrantIdException) ErrorCode() string

                                                                                      func (*InvalidGrantIdException) ErrorFault

                                                                                      func (e *InvalidGrantIdException) ErrorFault() smithy.ErrorFault

                                                                                      func (*InvalidGrantIdException) ErrorMessage

                                                                                      func (e *InvalidGrantIdException) ErrorMessage() string

                                                                                      type InvalidGrantTokenException

                                                                                      type InvalidGrantTokenException struct {
                                                                                      	Message *string
                                                                                      }

                                                                                        The request was rejected because the specified grant token is not valid.

                                                                                        func (*InvalidGrantTokenException) Error

                                                                                        func (*InvalidGrantTokenException) ErrorCode

                                                                                        func (e *InvalidGrantTokenException) ErrorCode() string

                                                                                        func (*InvalidGrantTokenException) ErrorFault

                                                                                        func (*InvalidGrantTokenException) ErrorMessage

                                                                                        func (e *InvalidGrantTokenException) ErrorMessage() string

                                                                                        type InvalidImportTokenException

                                                                                        type InvalidImportTokenException struct {
                                                                                        	Message *string
                                                                                        }

                                                                                          The request was rejected because the provided import token is invalid or is associated with a different customer master key (CMK).

                                                                                          func (*InvalidImportTokenException) Error

                                                                                          func (*InvalidImportTokenException) ErrorCode

                                                                                          func (e *InvalidImportTokenException) ErrorCode() string

                                                                                          func (*InvalidImportTokenException) ErrorFault

                                                                                          func (*InvalidImportTokenException) ErrorMessage

                                                                                          func (e *InvalidImportTokenException) ErrorMessage() string

                                                                                          type InvalidKeyUsageException

                                                                                          type InvalidKeyUsageException struct {
                                                                                          	Message *string
                                                                                          }

                                                                                            The request was rejected for one of the following reasons:

                                                                                            * The KeyUsage value of the CMK is incompatible with the API operation.

                                                                                            * The encryption algorithm or signing algorithm specified for the operation is incompatible with the type of key material in the CMK (CustomerMasterKeySpec).

                                                                                            For encrypting, decrypting, re-encrypting, and generating data keys, the KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. To find the encryption or signing algorithms supported for a particular CMK, use the DescribeKey operation.

                                                                                            func (*InvalidKeyUsageException) Error

                                                                                            func (e *InvalidKeyUsageException) Error() string

                                                                                            func (*InvalidKeyUsageException) ErrorCode

                                                                                            func (e *InvalidKeyUsageException) ErrorCode() string

                                                                                            func (*InvalidKeyUsageException) ErrorFault

                                                                                            func (e *InvalidKeyUsageException) ErrorFault() smithy.ErrorFault

                                                                                            func (*InvalidKeyUsageException) ErrorMessage

                                                                                            func (e *InvalidKeyUsageException) ErrorMessage() string

                                                                                            type InvalidMarkerException

                                                                                            type InvalidMarkerException struct {
                                                                                            	Message *string
                                                                                            }

                                                                                              The request was rejected because the marker that specifies where pagination should next begin is not valid.

                                                                                              func (*InvalidMarkerException) Error

                                                                                              func (e *InvalidMarkerException) Error() string

                                                                                              func (*InvalidMarkerException) ErrorCode

                                                                                              func (e *InvalidMarkerException) ErrorCode() string

                                                                                              func (*InvalidMarkerException) ErrorFault

                                                                                              func (e *InvalidMarkerException) ErrorFault() smithy.ErrorFault

                                                                                              func (*InvalidMarkerException) ErrorMessage

                                                                                              func (e *InvalidMarkerException) ErrorMessage() string

                                                                                              type KMSInternalException

                                                                                              type KMSInternalException struct {
                                                                                              	Message *string
                                                                                              }

                                                                                                The request was rejected because an internal exception occurred. The request can be retried.

                                                                                                func (*KMSInternalException) Error

                                                                                                func (e *KMSInternalException) Error() string

                                                                                                func (*KMSInternalException) ErrorCode

                                                                                                func (e *KMSInternalException) ErrorCode() string

                                                                                                func (*KMSInternalException) ErrorFault

                                                                                                func (e *KMSInternalException) ErrorFault() smithy.ErrorFault

                                                                                                func (*KMSInternalException) ErrorMessage

                                                                                                func (e *KMSInternalException) ErrorMessage() string

                                                                                                type KMSInvalidSignatureException

                                                                                                type KMSInvalidSignatureException struct {
                                                                                                	Message *string
                                                                                                }

                                                                                                  The request was rejected because the signature verification failed. Signature verification fails when it cannot confirm that signature was produced by signing the specified message with the specified CMK and signing algorithm.

                                                                                                  func (*KMSInvalidSignatureException) Error

                                                                                                  func (*KMSInvalidSignatureException) ErrorCode

                                                                                                  func (e *KMSInvalidSignatureException) ErrorCode() string

                                                                                                  func (*KMSInvalidSignatureException) ErrorFault

                                                                                                  func (*KMSInvalidSignatureException) ErrorMessage

                                                                                                  func (e *KMSInvalidSignatureException) ErrorMessage() string

                                                                                                  type KMSInvalidStateException

                                                                                                  type KMSInvalidStateException struct {
                                                                                                  	Message *string
                                                                                                  }

                                                                                                    The request was rejected because the state of the specified resource is not valid for this request. For more information about how key state affects the use of a CMK, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the AWS Key Management Service Developer Guide .

                                                                                                    func (*KMSInvalidStateException) Error

                                                                                                    func (e *KMSInvalidStateException) Error() string

                                                                                                    func (*KMSInvalidStateException) ErrorCode

                                                                                                    func (e *KMSInvalidStateException) ErrorCode() string

                                                                                                    func (*KMSInvalidStateException) ErrorFault

                                                                                                    func (e *KMSInvalidStateException) ErrorFault() smithy.ErrorFault

                                                                                                    func (*KMSInvalidStateException) ErrorMessage

                                                                                                    func (e *KMSInvalidStateException) ErrorMessage() string

                                                                                                    type KeyListEntry

                                                                                                    type KeyListEntry struct {
                                                                                                    
                                                                                                    	// ARN of the key.
                                                                                                    	KeyArn *string
                                                                                                    
                                                                                                    	// Unique identifier of the key.
                                                                                                    	KeyId *string
                                                                                                    }

                                                                                                      Contains information about each entry in the key list.

                                                                                                      type KeyManagerType

                                                                                                      type KeyManagerType string
                                                                                                      const (
                                                                                                      	KeyManagerTypeAws      KeyManagerType = "AWS"
                                                                                                      	KeyManagerTypeCustomer KeyManagerType = "CUSTOMER"
                                                                                                      )

                                                                                                        Enum values for KeyManagerType

                                                                                                        func (KeyManagerType) Values

                                                                                                        func (KeyManagerType) Values() []KeyManagerType

                                                                                                          Values returns all known values for KeyManagerType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                                                          type KeyMetadata

                                                                                                          type KeyMetadata struct {
                                                                                                          
                                                                                                          	// The globally unique identifier for the CMK.
                                                                                                          	//
                                                                                                          	// This member is required.
                                                                                                          	KeyId *string
                                                                                                          
                                                                                                          	// The twelve-digit account ID of the AWS account that owns the CMK.
                                                                                                          	AWSAccountId *string
                                                                                                          
                                                                                                          	// The Amazon Resource Name (ARN) of the CMK. For examples, see AWS Key Management
                                                                                                          	// Service (AWS KMS)
                                                                                                          	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms)
                                                                                                          	// in the Example ARNs section of the AWS General Reference.
                                                                                                          	Arn *string
                                                                                                          
                                                                                                          	// The cluster ID of the AWS CloudHSM cluster that contains the key material for
                                                                                                          	// the CMK. When you create a CMK in a custom key store
                                                                                                          	// (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
                                                                                                          	// AWS KMS creates the key material for the CMK in the associated AWS CloudHSM
                                                                                                          	// cluster. This value is present only when the CMK is created in a custom key
                                                                                                          	// store.
                                                                                                          	CloudHsmClusterId *string
                                                                                                          
                                                                                                          	// The date and time when the CMK was created.
                                                                                                          	CreationDate *time.Time
                                                                                                          
                                                                                                          	// A unique identifier for the custom key store
                                                                                                          	// (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
                                                                                                          	// that contains the CMK. This value is present only when the CMK is created in a
                                                                                                          	// custom key store.
                                                                                                          	CustomKeyStoreId *string
                                                                                                          
                                                                                                          	// Describes the type of key material in the CMK.
                                                                                                          	CustomerMasterKeySpec CustomerMasterKeySpec
                                                                                                          
                                                                                                          	// The date and time after which AWS KMS deletes the CMK. This value is present
                                                                                                          	// only when KeyState is PendingDeletion.
                                                                                                          	DeletionDate *time.Time
                                                                                                          
                                                                                                          	// The description of the CMK.
                                                                                                          	Description *string
                                                                                                          
                                                                                                          	// Specifies whether the CMK is enabled. When KeyState is Enabled this value is
                                                                                                          	// true, otherwise it is false.
                                                                                                          	Enabled bool
                                                                                                          
                                                                                                          	// The encryption algorithms that the CMK supports. You cannot use the CMK with
                                                                                                          	// other encryption algorithms within AWS KMS. This field appears only when the
                                                                                                          	// KeyUsage of the CMK is ENCRYPT_DECRYPT.
                                                                                                          	EncryptionAlgorithms []EncryptionAlgorithmSpec
                                                                                                          
                                                                                                          	// Specifies whether the CMK's key material expires. This value is present only
                                                                                                          	// when Origin is EXTERNAL, otherwise this value is omitted.
                                                                                                          	ExpirationModel ExpirationModelType
                                                                                                          
                                                                                                          	// The manager of the CMK. CMKs in your AWS account are either customer managed or
                                                                                                          	// AWS managed. For more information about the difference, see Customer Master Keys
                                                                                                          	// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys)
                                                                                                          	// in the AWS Key Management Service Developer Guide.
                                                                                                          	KeyManager KeyManagerType
                                                                                                          
                                                                                                          	// The current status of the CMK. For more information about how key state affects
                                                                                                          	// the use of a CMK, see Key state: Effect on your CMK
                                                                                                          	// (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the
                                                                                                          	// AWS Key Management Service Developer Guide.
                                                                                                          	KeyState KeyState
                                                                                                          
                                                                                                          	// The cryptographic operations
                                                                                                          	// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
                                                                                                          	// for which you can use the CMK.
                                                                                                          	KeyUsage KeyUsageType
                                                                                                          
                                                                                                          	// The source of the CMK's key material. When this value is AWS_KMS, AWS KMS
                                                                                                          	// created the key material. When this value is EXTERNAL, the key material was
                                                                                                          	// imported from your existing key management infrastructure or the CMK lacks key
                                                                                                          	// material. When this value is AWS_CLOUDHSM, the key material was created in the
                                                                                                          	// AWS CloudHSM cluster associated with a custom key store.
                                                                                                          	Origin OriginType
                                                                                                          
                                                                                                          	// The signing algorithms that the CMK supports. You cannot use the CMK with other
                                                                                                          	// signing algorithms within AWS KMS. This field appears only when the KeyUsage of
                                                                                                          	// the CMK is SIGN_VERIFY.
                                                                                                          	SigningAlgorithms []SigningAlgorithmSpec
                                                                                                          
                                                                                                          	// The time at which the imported key material expires. When the key material
                                                                                                          	// expires, AWS KMS deletes the key material and the CMK becomes unusable. This
                                                                                                          	// value is present only for CMKs whose Origin is EXTERNAL and whose
                                                                                                          	// ExpirationModel is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.
                                                                                                          	ValidTo *time.Time
                                                                                                          }

                                                                                                            Contains metadata about a customer master key (CMK). This data type is used as a response element for the CreateKey and DescribeKey operations.

                                                                                                            type KeyState

                                                                                                            type KeyState string
                                                                                                            const (
                                                                                                            	KeyStateEnabled         KeyState = "Enabled"
                                                                                                            	KeyStateDisabled        KeyState = "Disabled"
                                                                                                            	KeyStatePendingDeletion KeyState = "PendingDeletion"
                                                                                                            	KeyStatePendingImport   KeyState = "PendingImport"
                                                                                                            	KeyStateUnavailable     KeyState = "Unavailable"
                                                                                                            )

                                                                                                              Enum values for KeyState

                                                                                                              func (KeyState) Values

                                                                                                              func (KeyState) Values() []KeyState

                                                                                                                Values returns all known values for KeyState. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                                                                type KeyUnavailableException

                                                                                                                type KeyUnavailableException struct {
                                                                                                                	Message *string
                                                                                                                }

                                                                                                                  The request was rejected because the specified CMK was not available. You can retry the request.

                                                                                                                  func (*KeyUnavailableException) Error

                                                                                                                  func (e *KeyUnavailableException) Error() string

                                                                                                                  func (*KeyUnavailableException) ErrorCode

                                                                                                                  func (e *KeyUnavailableException) ErrorCode() string

                                                                                                                  func (*KeyUnavailableException) ErrorFault

                                                                                                                  func (e *KeyUnavailableException) ErrorFault() smithy.ErrorFault

                                                                                                                  func (*KeyUnavailableException) ErrorMessage

                                                                                                                  func (e *KeyUnavailableException) ErrorMessage() string

                                                                                                                  type KeyUsageType

                                                                                                                  type KeyUsageType string
                                                                                                                  const (
                                                                                                                  	KeyUsageTypeSignVerify     KeyUsageType = "SIGN_VERIFY"
                                                                                                                  	KeyUsageTypeEncryptDecrypt KeyUsageType = "ENCRYPT_DECRYPT"
                                                                                                                  )

                                                                                                                    Enum values for KeyUsageType

                                                                                                                    func (KeyUsageType) Values

                                                                                                                    func (KeyUsageType) Values() []KeyUsageType

                                                                                                                      Values returns all known values for KeyUsageType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                                                                      type LimitExceededException

                                                                                                                      type LimitExceededException struct {
                                                                                                                      	Message *string
                                                                                                                      }

                                                                                                                        The request was rejected because a quota was exceeded. For more information, see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) in the AWS Key Management Service Developer Guide.

                                                                                                                        func (*LimitExceededException) Error

                                                                                                                        func (e *LimitExceededException) Error() string

                                                                                                                        func (*LimitExceededException) ErrorCode

                                                                                                                        func (e *LimitExceededException) ErrorCode() string

                                                                                                                        func (*LimitExceededException) ErrorFault

                                                                                                                        func (e *LimitExceededException) ErrorFault() smithy.ErrorFault

                                                                                                                        func (*LimitExceededException) ErrorMessage

                                                                                                                        func (e *LimitExceededException) ErrorMessage() string

                                                                                                                        type MalformedPolicyDocumentException

                                                                                                                        type MalformedPolicyDocumentException struct {
                                                                                                                        	Message *string
                                                                                                                        }

                                                                                                                          The request was rejected because the specified policy is not syntactically or semantically correct.

                                                                                                                          func (*MalformedPolicyDocumentException) Error

                                                                                                                          func (*MalformedPolicyDocumentException) ErrorCode

                                                                                                                          func (*MalformedPolicyDocumentException) ErrorFault

                                                                                                                          func (*MalformedPolicyDocumentException) ErrorMessage

                                                                                                                          func (e *MalformedPolicyDocumentException) ErrorMessage() string

                                                                                                                          type MessageType

                                                                                                                          type MessageType string
                                                                                                                          const (
                                                                                                                          	MessageTypeRaw    MessageType = "RAW"
                                                                                                                          	MessageTypeDigest MessageType = "DIGEST"
                                                                                                                          )

                                                                                                                            Enum values for MessageType

                                                                                                                            func (MessageType) Values

                                                                                                                            func (MessageType) Values() []MessageType

                                                                                                                              Values returns all known values for MessageType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                                                                              type NotFoundException

                                                                                                                              type NotFoundException struct {
                                                                                                                              	Message *string
                                                                                                                              }

                                                                                                                                The request was rejected because the specified entity or resource could not be found.

                                                                                                                                func (*NotFoundException) Error

                                                                                                                                func (e *NotFoundException) Error() string

                                                                                                                                func (*NotFoundException) ErrorCode

                                                                                                                                func (e *NotFoundException) ErrorCode() string

                                                                                                                                func (*NotFoundException) ErrorFault

                                                                                                                                func (e *NotFoundException) ErrorFault() smithy.ErrorFault

                                                                                                                                func (*NotFoundException) ErrorMessage

                                                                                                                                func (e *NotFoundException) ErrorMessage() string

                                                                                                                                type OriginType

                                                                                                                                type OriginType string
                                                                                                                                const (
                                                                                                                                	OriginTypeAwsKms      OriginType = "AWS_KMS"
                                                                                                                                	OriginTypeExternal    OriginType = "EXTERNAL"
                                                                                                                                	OriginTypeAwsCloudhsm OriginType = "AWS_CLOUDHSM"
                                                                                                                                )

                                                                                                                                  Enum values for OriginType

                                                                                                                                  func (OriginType) Values

                                                                                                                                  func (OriginType) Values() []OriginType

                                                                                                                                    Values returns all known values for OriginType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                                                                                    type SigningAlgorithmSpec

                                                                                                                                    type SigningAlgorithmSpec string
                                                                                                                                    const (
                                                                                                                                    	SigningAlgorithmSpecRsassaPssSha256      SigningAlgorithmSpec = "RSASSA_PSS_SHA_256"
                                                                                                                                    	SigningAlgorithmSpecRsassaPssSha384      SigningAlgorithmSpec = "RSASSA_PSS_SHA_384"
                                                                                                                                    	SigningAlgorithmSpecRsassaPssSha512      SigningAlgorithmSpec = "RSASSA_PSS_SHA_512"
                                                                                                                                    	SigningAlgorithmSpecRsassaPkcs1V15Sha256 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_256"
                                                                                                                                    	SigningAlgorithmSpecRsassaPkcs1V15Sha384 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_384"
                                                                                                                                    	SigningAlgorithmSpecRsassaPkcs1V15Sha512 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_512"
                                                                                                                                    	SigningAlgorithmSpecEcdsaSha256          SigningAlgorithmSpec = "ECDSA_SHA_256"
                                                                                                                                    	SigningAlgorithmSpecEcdsaSha384          SigningAlgorithmSpec = "ECDSA_SHA_384"
                                                                                                                                    	SigningAlgorithmSpecEcdsaSha512          SigningAlgorithmSpec = "ECDSA_SHA_512"
                                                                                                                                    )

                                                                                                                                      Enum values for SigningAlgorithmSpec

                                                                                                                                      func (SigningAlgorithmSpec) Values

                                                                                                                                        Values returns all known values for SigningAlgorithmSpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

                                                                                                                                        type Tag

                                                                                                                                        type Tag struct {
                                                                                                                                        
                                                                                                                                        	// The key of the tag.
                                                                                                                                        	//
                                                                                                                                        	// This member is required.
                                                                                                                                        	TagKey *string
                                                                                                                                        
                                                                                                                                        	// The value of the tag.
                                                                                                                                        	//
                                                                                                                                        	// This member is required.
                                                                                                                                        	TagValue *string
                                                                                                                                        }

                                                                                                                                          A key-value pair. A tag consists of a tag key and a tag value. Tag keys and tag values are both required, but tag values can be empty (null) strings. For information about the rules that apply to tag keys and tag values, see User-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) in the AWS Billing and Cost Management User Guide.

                                                                                                                                          type TagException

                                                                                                                                          type TagException struct {
                                                                                                                                          	Message *string
                                                                                                                                          }

                                                                                                                                            The request was rejected because one or more tags are not valid.

                                                                                                                                            func (*TagException) Error

                                                                                                                                            func (e *TagException) Error() string

                                                                                                                                            func (*TagException) ErrorCode

                                                                                                                                            func (e *TagException) ErrorCode() string

                                                                                                                                            func (*TagException) ErrorFault

                                                                                                                                            func (e *TagException) ErrorFault() smithy.ErrorFault

                                                                                                                                            func (*TagException) ErrorMessage

                                                                                                                                            func (e *TagException) ErrorMessage() string

                                                                                                                                            type UnsupportedOperationException

                                                                                                                                            type UnsupportedOperationException struct {
                                                                                                                                            	Message *string
                                                                                                                                            }

                                                                                                                                              The request was rejected because a specified parameter is not supported or a specified resource is not valid for this operation.

                                                                                                                                              func (*UnsupportedOperationException) Error

                                                                                                                                              func (*UnsupportedOperationException) ErrorCode

                                                                                                                                              func (e *UnsupportedOperationException) ErrorCode() string

                                                                                                                                              func (*UnsupportedOperationException) ErrorFault

                                                                                                                                              func (*UnsupportedOperationException) ErrorMessage

                                                                                                                                              func (e *UnsupportedOperationException) ErrorMessage() string

                                                                                                                                              type WrappingKeySpec

                                                                                                                                              type WrappingKeySpec string
                                                                                                                                              const (
                                                                                                                                              	WrappingKeySpecRsa2048 WrappingKeySpec = "RSA_2048"
                                                                                                                                              )

                                                                                                                                                Enum values for WrappingKeySpec

                                                                                                                                                func (WrappingKeySpec) Values

                                                                                                                                                func (WrappingKeySpec) Values() []WrappingKeySpec

                                                                                                                                                  Values returns all known values for WrappingKeySpec. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.