From 0c470f6e777f94f3df52660226f58ff94a1a2835 Mon Sep 17 00:00:00 2001
From: awstools The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's
+ * .zip deployment package. If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key. The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's
- * environment variables. When
- * Lambda SnapStart is activated, Lambda also uses
- * this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to
- * encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR).
- * If you don't provide a customer managed key, Lambda uses a default service key. The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt the following resources: The function's environment variables. The function's Lambda SnapStart snapshots. When used with The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see Function lifecycle. If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key or an Amazon Web Services managed key. The KMS key that's used to encrypt the function's environment variables. When Lambda SnapStart is activated, this key is also used to encrypt the function's snapshot. This key is
- * returned only if you've configured a customer managed key. The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt the following resources: The function's environment variables. The function's Lambda SnapStart snapshots. When used with The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see Function lifecycle. If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key or an Amazon Web Services managed key. The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's
+ * .zip deployment package. If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key. The function's tags. Lambda
- * returns tag data only if you have explicit allow permissions for lambda:ListTags.
+ *
+ * SourceKMSKeyArn
, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see
+ * Specifying a customer managed key for Lambda.
+ *
+ * SourceKMSKeyArn
, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see
+ * Specifying a customer managed key for Lambda.
The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's + * .zip deployment package. If you don't provide a customer managed key, Lambda uses an Amazon Web Services managed key.
+ * @public + */ + SourceKMSKeyArn?: string; } /** @@ -7307,12 +7354,23 @@ export interface UpdateFunctionConfigurationRequest { DeadLetterConfig?: DeadLetterConfig; /** - *The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's - * environment variables. When - * Lambda SnapStart is activated, Lambda also uses - * this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to - * encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). - * If you don't provide a customer managed key, Lambda uses a default service key.
+ *The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt the following resources:
+ *The function's environment variables.
+ *The function's Lambda SnapStart snapshots.
+ *When used with SourceKMSKeyArn
, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see
+ * Specifying a customer managed key for Lambda.
The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see Function lifecycle.
+ *If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key or an Amazon Web Services managed key.
* @public */ KMSKeyArn?: string; diff --git a/clients/client-lambda/src/protocols/Aws_restJson1.ts b/clients/client-lambda/src/protocols/Aws_restJson1.ts index 92622a289949..78cf241e4208 100644 --- a/clients/client-lambda/src/protocols/Aws_restJson1.ts +++ b/clients/client-lambda/src/protocols/Aws_restJson1.ts @@ -1728,6 +1728,7 @@ export const se_UpdateFunctionCodeCommand = async ( S3Bucket: [], S3Key: [], S3ObjectVersion: [], + SourceKMSKeyArn: [], ZipFile: (_) => context.base64Encoder(_), }) ); @@ -4646,6 +4647,7 @@ const se_FunctionCode = (input: FunctionCode, context: __SerdeContext): any => { S3Bucket: [], S3Key: [], S3ObjectVersion: [], + SourceKMSKeyArn: [], ZipFile: context.base64Encoder, }); }; diff --git a/codegen/sdk-codegen/aws-models/lambda.json b/codegen/sdk-codegen/aws-models/lambda.json index 19f1685a55cb..2f1bd5adeda2 100644 --- a/codegen/sdk-codegen/aws-models/lambda.json +++ b/codegen/sdk-codegen/aws-models/lambda.json @@ -2974,7 +2974,7 @@ "KMSKeyArn": { "target": "com.amazonaws.lambda#KMSKeyArn", "traits": { - "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's \nenvironment variables. When \nLambda SnapStart is activated, Lambda also uses \nthis key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to \nencrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR).\nIf you don't provide a customer managed key, Lambda uses a default service key.
" + "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt the following resources:
\nThe function's environment variables.
\nThe function's Lambda SnapStart snapshots.
\nWhen used with SourceKMSKeyArn
, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see \nSpecifying a customer managed key for Lambda.
The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see Function lifecycle.
\nIf you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key or an Amazon Web Services managed key.
" } }, "TracingConfig": { @@ -4559,6 +4559,12 @@ "traits": { "smithy.api#documentation": "URI of a container image in the\n Amazon ECR registry.
" } + }, + "SourceKMSKeyArn": { + "target": "com.amazonaws.lambda#KMSKeyArn", + "traits": { + "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's \n.zip deployment package. If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key.
" + } } }, "traits": { @@ -4591,6 +4597,12 @@ "traits": { "smithy.api#documentation": "The resolved URI for the image.
" } + }, + "SourceKMSKeyArn": { + "target": "com.amazonaws.lambda#String", + "traits": { + "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's \n.zip deployment package. If you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key.
" + } } }, "traits": { @@ -4694,7 +4706,7 @@ "KMSKeyArn": { "target": "com.amazonaws.lambda#KMSKeyArn", "traits": { - "smithy.api#documentation": "The KMS key that's used to encrypt the function's environment variables. When Lambda SnapStart is activated, this key is also used to encrypt the function's snapshot. This key is\n returned only if you've configured a customer managed key.
" + "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt the following resources:
\nThe function's environment variables.
\nThe function's Lambda SnapStart snapshots.
\nWhen used with SourceKMSKeyArn
, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see \n Specifying a customer managed key for Lambda.
The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see Function lifecycle.
\nIf you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key or an Amazon Web Services managed key.
" } }, "TracingConfig": { @@ -5926,7 +5938,7 @@ "Tags": { "target": "com.amazonaws.lambda#Tags", "traits": { - "smithy.api#documentation": "The function's tags. Lambda\n returns tag data only if you have explicit allow permissions for lambda:ListTags.
" + "smithy.api#documentation": "The function's tags. Lambda\n returns tag data only if you have explicit allow permissions for lambda:ListTags.
" } }, "TagsError": { @@ -12760,6 +12772,12 @@ "traits": { "smithy.api#documentation": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64).\n The default value is x86_64
.
The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's \n .zip deployment package. If you don't provide a customer managed key, Lambda uses an Amazon Web Services managed key.
" + } } }, "traits": { @@ -12908,7 +12926,7 @@ "KMSKeyArn": { "target": "com.amazonaws.lambda#KMSKeyArn", "traits": { - "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's \nenvironment variables. When \nLambda SnapStart is activated, Lambda also uses \nthis key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to \nencrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR).\nIf you don't provide a customer managed key, Lambda uses a default service key.
" + "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt the following resources:
\nThe function's environment variables.
\nThe function's Lambda SnapStart snapshots.
\nWhen used with SourceKMSKeyArn
, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see \nSpecifying a customer managed key for Lambda.
The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see Function lifecycle.
\nIf you don't provide a customer managed key, Lambda uses an Amazon Web Services owned key or an Amazon Web Services managed key.
" } }, "TracingConfig": {