diff --git a/clients/client-ecr/src/commands/CreateRepositoryCommand.ts b/clients/client-ecr/src/commands/CreateRepositoryCommand.ts index 5dfe2709c138e..35d9395c6253a 100644 --- a/clients/client-ecr/src/commands/CreateRepositoryCommand.ts +++ b/clients/client-ecr/src/commands/CreateRepositoryCommand.ts @@ -50,7 +50,7 @@ export interface CreateRepositoryCommandOutput extends CreateRepositoryResponse, * scanOnPush: true || false, * }, * encryptionConfiguration: { // EncryptionConfiguration - * encryptionType: "AES256" || "KMS", // required + * encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * kmsKey: "STRING_VALUE", * }, * }; @@ -68,7 +68,7 @@ export interface CreateRepositoryCommandOutput extends CreateRepositoryResponse, * // scanOnPush: true || false, * // }, * // encryptionConfiguration: { // EncryptionConfiguration - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // }, diff --git a/clients/client-ecr/src/commands/CreateRepositoryCreationTemplateCommand.ts b/clients/client-ecr/src/commands/CreateRepositoryCreationTemplateCommand.ts index 21972c9ad263c..dcc6d42d3b154 100644 --- a/clients/client-ecr/src/commands/CreateRepositoryCreationTemplateCommand.ts +++ b/clients/client-ecr/src/commands/CreateRepositoryCreationTemplateCommand.ts @@ -48,7 +48,7 @@ export interface CreateRepositoryCreationTemplateCommandOutput * prefix: "STRING_VALUE", // required * description: "STRING_VALUE", * encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate - * encryptionType: "AES256" || "KMS", // required + * encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * kmsKey: "STRING_VALUE", * }, * resourceTags: [ // TagList @@ -73,7 +73,7 @@ export interface CreateRepositoryCreationTemplateCommandOutput * // prefix: "STRING_VALUE", * // description: "STRING_VALUE", * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // resourceTags: [ // TagList diff --git a/clients/client-ecr/src/commands/DeleteRepositoryCommand.ts b/clients/client-ecr/src/commands/DeleteRepositoryCommand.ts index d8a4d2ff462d2..75fa75ac9a757 100644 --- a/clients/client-ecr/src/commands/DeleteRepositoryCommand.ts +++ b/clients/client-ecr/src/commands/DeleteRepositoryCommand.ts @@ -56,7 +56,7 @@ export interface DeleteRepositoryCommandOutput extends DeleteRepositoryResponse, * // scanOnPush: true || false, * // }, * // encryptionConfiguration: { // EncryptionConfiguration - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // }, diff --git a/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts b/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts index 6fa011aa8cb19..f56f4b7082383 100644 --- a/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts +++ b/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts @@ -51,7 +51,7 @@ export interface DeleteRepositoryCreationTemplateCommandOutput * // prefix: "STRING_VALUE", * // description: "STRING_VALUE", * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // resourceTags: [ // TagList diff --git a/clients/client-ecr/src/commands/DescribeRepositoriesCommand.ts b/clients/client-ecr/src/commands/DescribeRepositoriesCommand.ts index 1a5450c0ce60b..a018a454b68ea 100644 --- a/clients/client-ecr/src/commands/DescribeRepositoriesCommand.ts +++ b/clients/client-ecr/src/commands/DescribeRepositoriesCommand.ts @@ -58,7 +58,7 @@ export interface DescribeRepositoriesCommandOutput extends DescribeRepositoriesR * // scanOnPush: true || false, * // }, * // encryptionConfiguration: { // EncryptionConfiguration - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // }, diff --git a/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts b/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts index 2ae578809eaa5..0babcdb839bd0 100644 --- a/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts +++ b/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts @@ -61,7 +61,7 @@ export interface DescribeRepositoryCreationTemplatesCommandOutput * // prefix: "STRING_VALUE", * // description: "STRING_VALUE", * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // resourceTags: [ // TagList diff --git a/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts b/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts index b796fc85ca719..fd07fb344deb0 100644 --- a/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts +++ b/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts @@ -44,7 +44,7 @@ export interface UpdateRepositoryCreationTemplateCommandOutput * prefix: "STRING_VALUE", // required * description: "STRING_VALUE", * encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate - * encryptionType: "AES256" || "KMS", // required + * encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * kmsKey: "STRING_VALUE", * }, * resourceTags: [ // TagList @@ -69,7 +69,7 @@ export interface UpdateRepositoryCreationTemplateCommandOutput * // prefix: "STRING_VALUE", * // description: "STRING_VALUE", * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate - * // encryptionType: "AES256" || "KMS", // required + * // encryptionType: "AES256" || "KMS" || "KMS_DSSE", // required * // kmsKey: "STRING_VALUE", * // }, * // resourceTags: [ // TagList diff --git a/clients/client-ecr/src/models/models_0.ts b/clients/client-ecr/src/models/models_0.ts index 8e5cf904c7d0a..b764705ccb7e4 100644 --- a/clients/client-ecr/src/models/models_0.ts +++ b/clients/client-ecr/src/models/models_0.ts @@ -1035,6 +1035,7 @@ export class UnsupportedUpstreamRegistryException extends __BaseException { export const EncryptionType = { AES256: "AES256", KMS: "KMS", + KMS_DSSE: "KMS_DSSE", } as const; /** @@ -1061,10 +1062,12 @@ export interface EncryptionConfiguration { *
If you use the KMS
encryption type, the contents of the repository will
* be encrypted using server-side encryption with Key Management Service key stored in KMS. When you
* use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key
- * for Amazon ECR, or specify your own KMS key, which you already created. For more
- * information, see Protecting data using server-side
- * encryption with an KMS key stored in Key Management Service (SSE-KMS) in the
- * Amazon Simple Storage Service Console Developer Guide.
If you use the KMS_DSSE
encryption type, the contents of the repository
+ * will be encrypted with two layers of encryption using server-side encryption with the
+ * KMS Management Service key stored in KMS. Similar to the KMS encryption type, you
+ * can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS
+ * key, which you've already created.
If you use the The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as
- * the registry that you are configuring. Amazon ECR will assume your supplied role when
- * the customRoleArn is specified. When this field isn't specified, Amazon ECR will
- * use the service-linked role for the repository creation template.AES256
encryption type, Amazon ECR uses server-side encryption
* with Amazon S3-managed encryption keys which encrypts the images in the repository using an
* AES256 encryption algorithm. For more information, see Protecting data using
@@ -1445,9 +1448,9 @@ export interface CreateRepositoryCreationTemplateRequest {
/**
*
The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when - * the customRoleArn is specified. When this field isn't specified, Amazon ECR will - * use the service-linked role for the repository creation template.
+ *The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role + * when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the + * service-linked role for the repository creation template.
* @public */ customRoleArn?: string; @@ -4892,9 +4895,9 @@ export interface UpdateRepositoryCreationTemplateRequest { /** *The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as - * the registry that you are configuring. Amazon ECR will assume your supplied role when - * the customRoleArn is specified. When this field isn't specified, Amazon ECR will - * use the service-linked role for the repository creation template.
+ * the registry that you are configuring. Amazon ECR will assume your supplied role when the + * customRoleArn is specified. When this field isn't specified, Amazon ECR will use the + * service-linked role for the repository creation template. * @public */ customRoleArn?: string; diff --git a/codegen/sdk-codegen/aws-models/ecr.json b/codegen/sdk-codegen/aws-models/ecr.json index 16f2aac51a674..db0295c8094ad 100644 --- a/codegen/sdk-codegen/aws-models/ecr.json +++ b/codegen/sdk-codegen/aws-models/ecr.json @@ -206,7 +206,7 @@ }, "aws.protocols#awsJson1_1": {}, "smithy.api#documentation": "Amazon Elastic Container Registry (Amazon ECR) is a managed container image registry service. Customers can use the\n familiar Docker CLI, or their preferred client, to push, pull, and manage images. Amazon ECR\n provides a secure, scalable, and reliable registry for your Docker or Open Container\n Initiative (OCI) images. Amazon ECR supports private repositories with resource-based\n permissions using IAM so that specific users or Amazon EC2 instances can access\n repositories and images.
\nAmazon ECR has service endpoints in each supported Region. For more information, see Amazon ECR endpoints in the\n Amazon Web Services General Reference.
", - "smithy.api#title": "Amazon EC2 Container Registry", + "smithy.api#title": "Amazon Elastic Container Registry", "smithy.api#xmlNamespace": { "uri": "http://ecr.amazonaws.com/doc/2015-09-21/" }, @@ -2142,7 +2142,7 @@ "customRoleArn": { "target": "com.amazonaws.ecr#CustomRoleArn", "traits": { - "smithy.api#documentation": "The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as\n the registry that you are configuring. Amazon ECR will assume your supplied role when\n the customRoleArn is specified. When this field isn't specified, Amazon ECR will\n use the service-linked role for the repository creation template.
" + "smithy.api#documentation": "The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as\n the registry that you are configuring. Amazon ECR will assume your supplied role when the\n customRoleArn is specified. When this field isn't specified, Amazon ECR will use the\n service-linked role for the repository creation template.
" } } }, @@ -3329,7 +3329,20 @@ "outputToken": "nextToken", "items": "repositories", "pageSize": "maxResults" - } + }, + "smithy.test#smokeTests": [ + { + "id": "DescribeRepositoriesSuccess", + "params": {}, + "vendorParams": { + "region": "us-west-2" + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "expect": { + "success": {} + } + } + ] } }, "com.amazonaws.ecr#DescribeRepositoriesRequest": { @@ -3486,7 +3499,7 @@ "encryptionType": { "target": "com.amazonaws.ecr#EncryptionType", "traits": { - "smithy.api#documentation": "The encryption type to use.
\nIf you use the KMS
encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created. For more\n information, see Protecting data using server-side\n encryption with an KMS key stored in Key Management Service (SSE-KMS) in the\n Amazon Simple Storage Service Console Developer Guide.
If you use the AES256
encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES256 encryption algorithm. For more information, see Protecting data using\n server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the\n Amazon Simple Storage Service Console Developer Guide.
The encryption type to use.
\nIf you use the KMS
encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created.
If you use the KMS_DSSE
encryption type, the contents of the repository\n will be encrypted with two layers of encryption using server-side encryption with the\n KMS Management Service key stored in KMS. Similar to the KMS encryption type, you\n can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS\n key, which you've already created.
If you use the AES256
encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES256 encryption algorithm. For more information, see Protecting data using\n server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the\n Amazon Simple Storage Service Console Developer Guide.
The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when\n the customRoleArn is specified. When this field isn't specified, Amazon ECR will\n use the service-linked role for the repository creation template.
" + "smithy.api#documentation": "The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role\n when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the\n service-linked role for the repository creation template.
" } }, "createdAt": { @@ -8223,7 +8257,7 @@ "customRoleArn": { "target": "com.amazonaws.ecr#CustomRoleArn", "traits": { - "smithy.api#documentation": "The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as\n the registry that you are configuring. Amazon ECR will assume your supplied role when\n the customRoleArn is specified. When this field isn't specified, Amazon ECR will\n use the service-linked role for the repository creation template.
" + "smithy.api#documentation": "The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as\n the registry that you are configuring. Amazon ECR will assume your supplied role when the\n customRoleArn is specified. When this field isn't specified, Amazon ECR will use the\n service-linked role for the repository creation template.
" } } },