@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api AWS Key Management Service @version 2014-11-01 @auth AWS SigV4 @endpoints 53 @hint download_for_search @toc root(53) @endpoint POST / @required {KeyId: str} @returns(200) {KeyId: str?} @endpoint POST / @required {CustomKeyStoreId: str} @endpoint POST / @required {AliasName: str, TargetKeyId: str} @endpoint POST / @required {CustomKeyStoreName: str} @optional {CloudHsmClusterId: str, TrustAnchorCertificate: str, KeyStorePassword: str, CustomKeyStoreType: str, XksProxyUriEndpoint: str, XksProxyUriPath: str, XksProxyVpcEndpointServiceName: str, XksProxyAuthenticationCredential: XksProxyAuthenticationCredentialType, XksProxyConnectivity: str} @returns(200) {CustomKeyStoreId: str?} @endpoint POST / @required {KeyId: str, GranteePrincipal: str, Operations: [str]} @optional {RetiringPrincipal: str, Constraints: GrantConstraints, GrantTokens: [str], Name: str, DryRun: bool} @returns(200) {GrantToken: str?, GrantId: str?} @endpoint POST / @optional {Policy: str, Description: str, KeyUsage: str, CustomerMasterKeySpec: str, KeySpec: str, Origin: str, CustomKeyStoreId: str, BypassPolicyLockoutSafetyCheck: bool, Tags: [Tag], MultiRegion: bool, XksKeyId: str} @returns(200) {KeyMetadata: KeyMetadata?{AWSAccountId: str?, KeyId: str, Arn: str?, CreationDate: str(timestamp)?, Enabled: bool?, Description: str?, KeyUsage: str?, KeyState: str?, DeletionDate: str(timestamp)?, ValidTo: str(timestamp)?, Origin: str?, CustomKeyStoreId: str?, CloudHsmClusterId: str?, ExpirationModel: str?, KeyManager: str?, CustomerMasterKeySpec: str?, KeySpec: str?, EncryptionAlgorithms: [str]?, SigningAlgorithms: [str]?, KeyAgreementAlgorithms: [str]?, MultiRegion: bool?, MultiRegionConfiguration: MultiRegionConfiguration?{MultiRegionKeyType: str?, PrimaryKey: MultiRegionKey?{Arn: str?, Region: str?}, ReplicaKeys: [MultiRegionKey]?}, PendingDeletionWindowInDays: int?, MacAlgorithms: [str]?, XksKeyConfiguration: XksKeyConfigurationType?{Id: str?}}} @endpoint POST / @required {CiphertextBlob: bytes} @optional {EncryptionContext: map, GrantTokens: [str], KeyId: str, EncryptionAlgorithm: str, Recipient: RecipientInfo, DryRun: bool} @returns(200) {KeyId: str?, Plaintext: bytes?, EncryptionAlgorithm: str?, CiphertextForRecipient: bytes?} @endpoint POST / @required {AliasName: str} @endpoint POST / @required {CustomKeyStoreId: str} @endpoint POST / @required {KeyId: str} @endpoint POST / @required {KeyId: str, KeyAgreementAlgorithm: str, PublicKey: bytes} @optional {GrantTokens: [str], DryRun: bool, Recipient: RecipientInfo} @returns(200) {KeyId: str?, SharedSecret: bytes?, CiphertextForRecipient: bytes?, KeyAgreementAlgorithm: str?, KeyOrigin: str?} @endpoint POST / @optional {CustomKeyStoreId: str, CustomKeyStoreName: str, Limit: int, Marker: str} @returns(200) {CustomKeyStores: [CustomKeyStoresListEntry]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {KeyId: str} @optional {GrantTokens: [str]} @returns(200) {KeyMetadata: KeyMetadata?{AWSAccountId: str?, KeyId: str, Arn: str?, CreationDate: str(timestamp)?, Enabled: bool?, Description: str?, KeyUsage: str?, KeyState: str?, DeletionDate: str(timestamp)?, ValidTo: str(timestamp)?, Origin: str?, CustomKeyStoreId: str?, CloudHsmClusterId: str?, ExpirationModel: str?, KeyManager: str?, CustomerMasterKeySpec: str?, KeySpec: str?, EncryptionAlgorithms: [str]?, SigningAlgorithms: [str]?, KeyAgreementAlgorithms: [str]?, MultiRegion: bool?, MultiRegionConfiguration: MultiRegionConfiguration?{MultiRegionKeyType: str?, PrimaryKey: MultiRegionKey?{Arn: str?, Region: str?}, ReplicaKeys: [MultiRegionKey]?}, PendingDeletionWindowInDays: int?, MacAlgorithms: [str]?, XksKeyConfiguration: XksKeyConfigurationType?{Id: str?}}} @endpoint POST / @required {KeyId: str} @endpoint POST / @required {KeyId: str} @endpoint POST / @required {CustomKeyStoreId: str} @endpoint POST / @required {KeyId: str} @endpoint POST / @required {KeyId: str} @optional {RotationPeriodInDays: int} @endpoint POST / @required {KeyId: str, Plaintext: bytes} @optional {EncryptionContext: map, GrantTokens: [str], EncryptionAlgorithm: str, DryRun: bool} @returns(200) {CiphertextBlob: bytes?, KeyId: str?, EncryptionAlgorithm: str?} @endpoint POST / @required {KeyId: str} @optional {EncryptionContext: map, NumberOfBytes: int, KeySpec: str, GrantTokens: [str], Recipient: RecipientInfo, DryRun: bool} @returns(200) {CiphertextBlob: bytes?, Plaintext: bytes?, KeyId: str?, CiphertextForRecipient: bytes?} @endpoint POST / @required {KeyId: str, KeyPairSpec: str} @optional {EncryptionContext: map, GrantTokens: [str], Recipient: RecipientInfo, DryRun: bool} @returns(200) {PrivateKeyCiphertextBlob: bytes?, PrivateKeyPlaintext: bytes?, PublicKey: bytes?, KeyId: str?, KeyPairSpec: str?, CiphertextForRecipient: bytes?} @endpoint POST / @required {KeyId: str, KeyPairSpec: str} @optional {EncryptionContext: map, GrantTokens: [str], DryRun: bool} @returns(200) {PrivateKeyCiphertextBlob: bytes?, PublicKey: bytes?, KeyId: str?, KeyPairSpec: str?} @endpoint POST / @required {KeyId: str} @optional {EncryptionContext: map, KeySpec: str, NumberOfBytes: int, GrantTokens: [str], DryRun: bool} @returns(200) {CiphertextBlob: bytes?, KeyId: str?} @endpoint POST / @required {Message: bytes, KeyId: str, MacAlgorithm: str} @optional {GrantTokens: [str], DryRun: bool} @returns(200) {Mac: bytes?, MacAlgorithm: str?, KeyId: str?} @endpoint POST / @optional {NumberOfBytes: int, CustomKeyStoreId: str, Recipient: RecipientInfo} @returns(200) {Plaintext: bytes?, CiphertextForRecipient: bytes?} @endpoint POST / @required {KeyId: str} @optional {PolicyName: str} @returns(200) {Policy: str?, PolicyName: str?} @endpoint POST / @required {KeyId: str} @returns(200) {KeyRotationEnabled: bool?, KeyId: str?, RotationPeriodInDays: int?, NextRotationDate: str(timestamp)?, OnDemandRotationStartDate: str(timestamp)?} @endpoint POST / @required {KeyId: str, WrappingAlgorithm: str, WrappingKeySpec: str} @returns(200) {KeyId: str?, ImportToken: bytes?, PublicKey: bytes?, ParametersValidTo: str(timestamp)?} @endpoint POST / @required {KeyId: str} @optional {GrantTokens: [str]} @returns(200) {KeyId: str?, PublicKey: bytes?, CustomerMasterKeySpec: str?, KeySpec: str?, KeyUsage: str?, EncryptionAlgorithms: [str]?, SigningAlgorithms: [str]?, KeyAgreementAlgorithms: [str]?} @endpoint POST / @required {KeyId: str, ImportToken: bytes, EncryptedKeyMaterial: bytes} @optional {ValidTo: str(timestamp), ExpirationModel: str} @endpoint POST / @optional {KeyId: str, Limit: int, Marker: str} @returns(200) {Aliases: [AliasListEntry]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {KeyId: str} @optional {Limit: int, Marker: str, GrantId: str, GranteePrincipal: str} @returns(200) {Grants: [GrantListEntry]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {KeyId: str} @optional {Limit: int, Marker: str} @returns(200) {PolicyNames: [str]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {KeyId: str} @optional {Limit: int, Marker: str} @returns(200) {Rotations: [RotationsListEntry]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @optional {Limit: int, Marker: str} @returns(200) {Keys: [KeyListEntry]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {KeyId: str} @optional {Limit: int, Marker: str} @returns(200) {Tags: [Tag]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {RetiringPrincipal: str} @optional {Limit: int, Marker: str} @returns(200) {Grants: [GrantListEntry]?, NextMarker: str?, Truncated: bool?} @endpoint POST / @required {KeyId: str, Policy: str} @optional {PolicyName: str, BypassPolicyLockoutSafetyCheck: bool} @endpoint POST / @required {CiphertextBlob: bytes, DestinationKeyId: str} @optional {SourceEncryptionContext: map, SourceKeyId: str, DestinationEncryptionContext: map, SourceEncryptionAlgorithm: str, DestinationEncryptionAlgorithm: str, GrantTokens: [str], DryRun: bool} @returns(200) {CiphertextBlob: bytes?, SourceKeyId: str?, KeyId: str?, SourceEncryptionAlgorithm: str?, DestinationEncryptionAlgorithm: str?} @endpoint POST / @required {KeyId: str, ReplicaRegion: str} @optional {Policy: str, BypassPolicyLockoutSafetyCheck: bool, Description: str, Tags: [Tag]} @returns(200) {ReplicaKeyMetadata: KeyMetadata?{AWSAccountId: str?, KeyId: str, Arn: str?, CreationDate: str(timestamp)?, Enabled: bool?, Description: str?, KeyUsage: str?, KeyState: str?, DeletionDate: str(timestamp)?, ValidTo: str(timestamp)?, Origin: str?, CustomKeyStoreId: str?, CloudHsmClusterId: str?, ExpirationModel: str?, KeyManager: str?, CustomerMasterKeySpec: str?, KeySpec: str?, EncryptionAlgorithms: [str]?, SigningAlgorithms: [str]?, KeyAgreementAlgorithms: [str]?, MultiRegion: bool?, MultiRegionConfiguration: MultiRegionConfiguration?{MultiRegionKeyType: str?, PrimaryKey: MultiRegionKey?{Arn: str?, Region: str?}, ReplicaKeys: [MultiRegionKey]?}, PendingDeletionWindowInDays: int?, MacAlgorithms: [str]?, XksKeyConfiguration: XksKeyConfigurationType?{Id: str?}}, ReplicaPolicy: str?, ReplicaTags: [Tag]?} @endpoint POST / @optional {GrantToken: str, KeyId: str, GrantId: str, DryRun: bool} @endpoint POST / @required {KeyId: str, GrantId: str} @optional {DryRun: bool} @endpoint POST / @required {KeyId: str} @returns(200) {KeyId: str?} @endpoint POST / @required {KeyId: str} @optional {PendingWindowInDays: int} @returns(200) {KeyId: str?, DeletionDate: str(timestamp)?, KeyState: str?, PendingWindowInDays: int?} @endpoint POST / @required {KeyId: str, Message: bytes, SigningAlgorithm: str} @optional {MessageType: str, GrantTokens: [str], DryRun: bool} @returns(200) {KeyId: str?, Signature: bytes?, SigningAlgorithm: str?} @endpoint POST / @required {KeyId: str, Tags: [Tag]} @endpoint POST / @required {KeyId: str, TagKeys: [str]} @endpoint POST / @required {AliasName: str, TargetKeyId: str} @endpoint POST / @required {CustomKeyStoreId: str} @optional {NewCustomKeyStoreName: str, KeyStorePassword: str, CloudHsmClusterId: str, XksProxyUriEndpoint: str, XksProxyUriPath: str, XksProxyVpcEndpointServiceName: str, XksProxyAuthenticationCredential: XksProxyAuthenticationCredentialType, XksProxyConnectivity: str} @endpoint POST / @required {KeyId: str, Description: str} @endpoint POST / @required {KeyId: str, PrimaryRegion: str} @endpoint POST / @required {KeyId: str, Message: bytes, Signature: bytes, SigningAlgorithm: str} @optional {MessageType: str, GrantTokens: [str], DryRun: bool} @returns(200) {KeyId: str?, SignatureValid: bool?, SigningAlgorithm: str?} @endpoint POST / @required {Message: bytes, KeyId: str, MacAlgorithm: str, Mac: bytes} @optional {GrantTokens: [str], DryRun: bool} @returns(200) {KeyId: str?, MacValid: bool?, MacAlgorithm: str?} @end