aws_lite_rs/types/kms.rs
1//! Types for the AWS Key Management Service API (v1).
2//!
3//! Auto-generated from the AWS Botocore Model.
4//! **Do not edit manually** — modify the manifest and re-run codegen.
5
6use serde::{Deserialize, Serialize};
7
8///
9/// **AWS API**: `kms.v1.ListKeysRequest`
10#[derive(Debug, Clone, Default, Serialize, Deserialize)]
11#[serde(rename_all = "PascalCase")]
12pub struct ListKeysRequest {
13 /// Use this parameter to specify the maximum number of items to return. When this value is
14 /// present, KMS does not return more than the specified number of items, but it might
15 /// return fewer. This value is optional. If you include a value, it must be between 1 and
16 /// 1000, inclusive. If you do not include a value, it defaults to 100.
17 #[serde(skip_serializing_if = "Option::is_none")]
18 pub limit: Option<i32>,
19
20 /// Use this parameter in a subsequent request after you receive a response with truncated
21 /// results. Set it to the value of NextMarker from the truncated response you just
22 /// received.
23 #[serde(skip_serializing_if = "Option::is_none")]
24 pub marker: Option<String>,
25}
26
27impl ListKeysRequest {
28 #[cfg(any(test, feature = "test-support"))]
29 /// Create a fixture instance for testing.
30 pub fn fixture() -> Self {
31 Self {
32 limit: Some(100),
33 marker: Some("test-marker".into()),
34 }
35 }
36}
37
38///
39/// **AWS API**: `kms.v1.ListKeysResponse`
40#[derive(Debug, Clone, Default, Serialize, Deserialize)]
41#[serde(rename_all = "PascalCase")]
42pub struct ListKeysResponse {
43 /// A list of KMS keys.
44 #[serde(default)]
45 #[serde(skip_serializing_if = "Vec::is_empty")]
46 pub keys: Vec<KeyListEntry>,
47
48 /// When Truncated is true, this element is present and contains the value to use for the
49 /// Marker parameter in a subsequent request.
50 #[serde(skip_serializing_if = "Option::is_none")]
51 pub next_marker: Option<String>,
52
53 /// A flag that indicates whether there are more items in the list. When this value is true,
54 /// the list in this response is truncated. To get more items, pass the value of the
55 /// NextMarker element in this response to the Marker parameter in a subsequent request.
56 #[serde(skip_serializing_if = "Option::is_none")]
57 pub truncated: Option<bool>,
58}
59
60impl ListKeysResponse {
61 #[cfg(any(test, feature = "test-support"))]
62 /// Create a fixture instance for testing.
63 pub fn fixture() -> Self {
64 Self {
65 keys: vec![],
66 next_marker: Some("test-next_marker".into()),
67 truncated: Some(false),
68 }
69 }
70}
71
72/// Contains information about each entry in the key list.
73///
74/// **AWS API**: `kms.v1.KeyListEntry`
75#[derive(Debug, Clone, Default, Serialize, Deserialize)]
76#[serde(rename_all = "PascalCase")]
77pub struct KeyListEntry {
78 /// Unique identifier of the key.
79 #[serde(skip_serializing_if = "Option::is_none")]
80 pub key_id: Option<String>,
81
82 /// ARN of the key.
83 #[serde(skip_serializing_if = "Option::is_none")]
84 pub key_arn: Option<String>,
85}
86
87impl KeyListEntry {
88 #[cfg(any(test, feature = "test-support"))]
89 /// Create a fixture instance for testing.
90 pub fn fixture() -> Self {
91 Self {
92 key_id: Some("test-key_id".into()),
93 key_arn: Some("test-key_arn".into()),
94 }
95 }
96}
97
98///
99/// **AWS API**: `kms.v1.DescribeKeyRequest`
100///
101/// ## Coverage
102/// 1 of 2 fields included.
103/// Omitted fields:
104/// - `GrantTokens` — not selected in manifest
105#[derive(Debug, Clone, Default, Serialize, Deserialize)]
106#[serde(rename_all = "PascalCase")]
107pub struct DescribeKeyRequest {
108 /// Describes the specified KMS key. If you specify a predefined Amazon Web Services alias
109 /// (an Amazon Web Services alias with no key ID), KMS associates the alias with an Amazon
110 /// Web Services managed key and returns its KeyId and Arn in the response. To specify a KMS
111 /// key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
112 /// it with "alias/". To specify a KMS key in a different Amazon Web Services account, you
113 /// must use the key ARN or alias ARN. For example: Key ID:
114 /// 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-
115 /// east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name:
116 /// alias/ExampleAlias Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias To
117 /// get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias
118 /// name and alias ARN, use ListAliases.
119 pub key_id: String,
120}
121
122impl DescribeKeyRequest {
123 #[cfg(any(test, feature = "test-support"))]
124 /// Create a fixture instance for testing.
125 pub fn fixture() -> Self {
126 Self {
127 key_id: "test-key_id".into(),
128 }
129 }
130}
131
132///
133/// **AWS API**: `kms.v1.DescribeKeyResponse`
134#[derive(Debug, Clone, Default, Serialize, Deserialize)]
135#[serde(rename_all = "PascalCase")]
136pub struct DescribeKeyResponse {
137 /// Metadata associated with the key.
138 #[serde(skip_serializing_if = "Option::is_none")]
139 pub key_metadata: Option<KeyMetadata>,
140}
141
142impl DescribeKeyResponse {
143 #[cfg(any(test, feature = "test-support"))]
144 /// Create a fixture instance for testing.
145 pub fn fixture() -> Self {
146 Self {
147 key_metadata: Some(KeyMetadata::fixture()),
148 }
149 }
150}
151
152/// Contains metadata about a KMS key. This data type is used as a response element for the
153/// CreateKey, DescribeKey, and ReplicateKey operations.
154///
155/// **AWS API**: `kms.v1.KeyMetadata`
156///
157/// ## Coverage
158/// 11 of 26 fields included.
159/// Omitted fields:
160/// - `AWSAccountId` — not selected in manifest
161/// - `ValidTo` — not selected in manifest
162/// - `Origin` — not selected in manifest
163/// - `CustomKeyStoreId` — not selected in manifest
164/// - `CloudHsmClusterId` — not selected in manifest
165/// - `ExpirationModel` — not selected in manifest
166/// - `CustomerMasterKeySpec` — not selected in manifest
167/// - `EncryptionAlgorithms` — not selected in manifest
168/// - `SigningAlgorithms` — not selected in manifest
169/// - `KeyAgreementAlgorithms` — not selected in manifest
170/// - `MultiRegionConfiguration` — not selected in manifest
171/// - `PendingDeletionWindowInDays` — not selected in manifest
172/// - `MacAlgorithms` — not selected in manifest
173/// - `XksKeyConfiguration` — not selected in manifest
174/// - `CurrentKeyMaterialId` — not selected in manifest
175#[derive(Debug, Clone, Default, Serialize, Deserialize)]
176#[serde(rename_all = "PascalCase")]
177pub struct KeyMetadata {
178 /// The globally unique identifier for the KMS key.
179 pub key_id: String,
180
181 /// The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management Service
182 /// (KMS) in the Example ARNs section of the Amazon Web Services General Reference.
183 #[serde(skip_serializing_if = "Option::is_none")]
184 pub arn: Option<String>,
185
186 /// The date and time when the KMS key was created.
187 #[serde(skip_serializing_if = "Option::is_none")]
188 pub creation_date: Option<f64>,
189
190 /// Specifies whether the KMS key is enabled. When KeyState is Enabled this value is true,
191 /// otherwise it is false.
192 #[serde(skip_serializing_if = "Option::is_none")]
193 pub enabled: Option<bool>,
194
195 /// The description of the KMS key.
196 #[serde(skip_serializing_if = "Option::is_none")]
197 pub description: Option<String>,
198
199 /// The cryptographic operations for which you can use the KMS key.
200 #[serde(skip_serializing_if = "Option::is_none")]
201 pub key_usage: Option<String>,
202
203 /// The current status of the KMS key. For more information about how key state affects the
204 /// use of a KMS key, see Key states of KMS keys in the Key Management Service Developer
205 /// Guide.
206 #[serde(skip_serializing_if = "Option::is_none")]
207 pub key_state: Option<String>,
208
209 /// The date and time after which KMS deletes this KMS key. This value is present only when
210 /// the KMS key is scheduled for deletion, that is, when its KeyState is PendingDeletion.
211 /// When the primary key in a multi-Region key is scheduled for deletion but still has
212 /// replica keys, its key state is PendingReplicaDeletion and the length of its waiting
213 /// period is displayed in the PendingDeletionWindowInDays field.
214 #[serde(skip_serializing_if = "Option::is_none")]
215 pub deletion_date: Option<f64>,
216
217 /// The manager of the KMS key. KMS keys in your Amazon Web Services account are either
218 /// customer managed or Amazon Web Services managed. For more information about the
219 /// difference, see KMS keys in the Key Management Service Developer Guide.
220 #[serde(skip_serializing_if = "Option::is_none")]
221 pub key_manager: Option<String>,
222
223 /// Describes the type of key material in the KMS key.
224 #[serde(skip_serializing_if = "Option::is_none")]
225 pub key_spec: Option<String>,
226
227 /// Indicates whether the KMS key is a multi-Region (True) or regional (False) key. This
228 /// value is True for multi-Region primary and replica keys and False for regional KMS keys.
229 /// For more information about multi-Region keys, see Multi-Region keys in KMS in the Key
230 /// Management Service Developer Guide.
231 #[serde(skip_serializing_if = "Option::is_none")]
232 pub multi_region: Option<bool>,
233}
234
235impl KeyMetadata {
236 #[cfg(any(test, feature = "test-support"))]
237 /// Create a fixture instance for testing.
238 pub fn fixture() -> Self {
239 Self {
240 key_id: "test-key_id".into(),
241 arn: Some("test-arn".into()),
242 enabled: Some(false),
243 description: Some("test-description".into()),
244 key_usage: Some("test-key_usage".into()),
245 key_state: Some("test-key_state".into()),
246 key_manager: Some("test-key_manager".into()),
247 key_spec: Some("test-key_spec".into()),
248 multi_region: Some(false),
249 ..Default::default()
250 }
251 }
252}
253
254///
255/// **AWS API**: `kms.v1.GetKeyRotationStatusRequest`
256#[derive(Debug, Clone, Default, Serialize, Deserialize)]
257#[serde(rename_all = "PascalCase")]
258pub struct GetKeyRotationStatusRequest {
259 /// Gets the rotation status for the specified KMS key. Specify the key ID or key ARN of the
260 /// KMS key. To specify a KMS key in a different Amazon Web Services account, you must use
261 /// the key ARN. For example: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN:
262 /// arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab To get the
263 /// key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
264 pub key_id: String,
265}
266
267impl GetKeyRotationStatusRequest {
268 #[cfg(any(test, feature = "test-support"))]
269 /// Create a fixture instance for testing.
270 pub fn fixture() -> Self {
271 Self {
272 key_id: "test-key_id".into(),
273 }
274 }
275}
276
277///
278/// **AWS API**: `kms.v1.GetKeyRotationStatusResponse`
279///
280/// ## Coverage
281/// 4 of 5 fields included.
282/// Omitted fields:
283/// - `OnDemandRotationStartDate` — not selected in manifest
284#[derive(Debug, Clone, Default, Serialize, Deserialize)]
285#[serde(rename_all = "PascalCase")]
286pub struct GetKeyRotationStatusResponse {
287 /// A Boolean value that specifies whether key rotation is enabled.
288 #[serde(skip_serializing_if = "Option::is_none")]
289 pub key_rotation_enabled: Option<bool>,
290
291 /// Identifies the specified symmetric encryption KMS key.
292 #[serde(skip_serializing_if = "Option::is_none")]
293 pub key_id: Option<String>,
294
295 /// The number of days between each automatic rotation. The default value is 365 days.
296 #[serde(skip_serializing_if = "Option::is_none")]
297 pub rotation_period_in_days: Option<i32>,
298
299 /// The next date that KMS will automatically rotate the key material.
300 #[serde(skip_serializing_if = "Option::is_none")]
301 pub next_rotation_date: Option<f64>,
302}
303
304impl GetKeyRotationStatusResponse {
305 #[cfg(any(test, feature = "test-support"))]
306 /// Create a fixture instance for testing.
307 pub fn fixture() -> Self {
308 Self {
309 key_rotation_enabled: Some(false),
310 key_id: Some("test-key_id".into()),
311 rotation_period_in_days: Some(100),
312 ..Default::default()
313 }
314 }
315}
316
317///
318/// **AWS API**: `kms.v1.EnableKeyRotationRequest`
319#[derive(Debug, Clone, Default, Serialize, Deserialize)]
320#[serde(rename_all = "PascalCase")]
321pub struct EnableKeyRotationRequest {
322 /// Identifies a symmetric encryption KMS key. You cannot enable automatic rotation of
323 /// asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in
324 /// a custom key store. To enable or disable automatic rotation of a set of related multi-
325 /// Region keys, set the property on the primary key. Specify the key ID or key ARN of the
326 /// KMS key. For example: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN:
327 /// arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab To get the
328 /// key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
329 pub key_id: String,
330
331 /// Use this parameter to specify a custom period of time between each rotation date. If no
332 /// value is specified, the default value is 365 days. The rotation period defines the
333 /// number of days after you enable automatic key rotation that KMS will rotate your key
334 /// material, and the number of days between each automatic rotation thereafter. You can use
335 /// the kms:RotationPeriodInDays condition key to further constrain the values that
336 /// principals can specify in the RotationPeriodInDays parameter.
337 #[serde(skip_serializing_if = "Option::is_none")]
338 pub rotation_period_in_days: Option<i32>,
339}
340
341impl EnableKeyRotationRequest {
342 #[cfg(any(test, feature = "test-support"))]
343 /// Create a fixture instance for testing.
344 pub fn fixture() -> Self {
345 Self {
346 key_id: "test-key_id".into(),
347 rotation_period_in_days: Some(100),
348 }
349 }
350}