Skip to content

Commit

Permalink
feat(client-pipes): This release adds support for customer managed KM…
Browse files Browse the repository at this point in the history 
…S keys in Amazon EventBridge Pipe
  • Loading branch information
awstools committed Sep 10, 2024
1 parent 968260e commit a0eda25
Show file tree
Hide file tree
Showing 6 changed files with 73 additions and 37 deletions.
1 change: 1 addition & 0 deletions clients/client-pipes/src/commands/CreatePipeCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -389,6 +389,7 @@ export interface CreatePipeCommandOutput extends CreatePipeResponse, __MetadataB
* "STRING_VALUE",
* ],
* },
* KmsKeyIdentifier: "STRING_VALUE",
* };
* const command = new CreatePipeCommand(input);
* const response = await client.send(command);
Expand Down
1 change: 1 addition & 0 deletions clients/client-pipes/src/commands/DescribePipeCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -398,6 +398,7 @@ export interface DescribePipeCommandOutput extends DescribePipeResponse, __Metad
* // "STRING_VALUE",
* // ],
* // },
* // KmsKeyIdentifier: "STRING_VALUE",
* // };
*
* ```
Expand Down
1 change: 1 addition & 0 deletions clients/client-pipes/src/commands/UpdatePipeCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -380,6 +380,7 @@ export interface UpdatePipeCommandOutput extends UpdatePipeResponse, __MetadataB
* "STRING_VALUE",
* ],
* },
* KmsKeyIdentifier: "STRING_VALUE",
* };
* const command = new UpdatePipeCommand(input);
* const response = await client.send(command);
Expand Down
70 changes: 36 additions & 34 deletions clients/client-pipes/src/models/models_0.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -620,22 +620,7 @@ export interface S3LogDestinationParameters {

/**
* <p>How EventBridge should format the log records.</p>
* <ul>
* <li>
* <p>
* <code>json</code>: JSON </p>
* </li>
* <li>
* <p>
* <code>plain</code>: Plain text</p>
* </li>
* <li>
* <p>
* <code>w3c</code>: <a href="https://www.w3.org/TR/WD-logfile">W3C extended
* logging file format</a>
* </p>
* </li>
* </ul>
* <p>EventBridge currently only supports <code>json</code> formatting.</p>
* @public
*/
OutputFormat?: S3OutputFormat;
Expand Down Expand Up @@ -1260,8 +1245,7 @@ export interface SelfManagedKafkaAccessConfigurationVpc {

/**
* <p>Specifies the security groups associated with the stream. These security groups must all
* be in the same VPC. You can specify as many as five security groups. If you do not specify
* a security group, the default security group for the VPC is used.</p>
* be in the same VPC. You can specify as many as five security groups.</p>
* @public
*/
SecurityGroup?: string[];
Expand Down Expand Up @@ -2736,6 +2720,18 @@ export interface CreatePipeRequest {
* @public
*/
LogConfiguration?: PipeLogConfigurationParameters;

/**
* <p>The identifier of the KMS
* customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key
* Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.</p>
* <p>If you do not specify a customer managed key identifier, EventBridge uses an
* Amazon Web Services owned key to encrypt pipe data.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html">Managing keys</a> in the <i>Key Management Service
* Developer Guide</i>. </p>
* @public
*/
KmsKeyIdentifier?: string;
}

/**
Expand Down Expand Up @@ -3109,22 +3105,7 @@ export interface S3LogDestination {

/**
* <p>The format EventBridge uses for the log records.</p>
* <ul>
* <li>
* <p>
* <code>json</code>: JSON </p>
* </li>
* <li>
* <p>
* <code>plain</code>: Plain text</p>
* </li>
* <li>
* <p>
* <code>w3c</code>: <a href="https://www.w3.org/TR/WD-logfile">W3C extended
* logging file format</a>
* </p>
* </li>
* </ul>
* <p>EventBridge currently only supports <code>json</code> formatting.</p>
* @public
*/
OutputFormat?: S3OutputFormat;
Expand Down Expand Up @@ -3277,6 +3258,14 @@ export interface DescribePipeResponse {
* @public
*/
LogConfiguration?: PipeLogConfiguration;

/**
* <p>The identifier of the KMS
* customer managed key for EventBridge to use to encrypt pipe data, if one has been specified.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html">Data encryption in EventBridge</a> in the <i>Amazon EventBridge User Guide</i>.</p>
* @public
*/
KmsKeyIdentifier?: string;
}

/**
Expand Down Expand Up @@ -3899,6 +3888,19 @@ export interface UpdatePipeRequest {
* @public
*/
LogConfiguration?: PipeLogConfigurationParameters;

/**
* <p>The identifier of the KMS
* customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key
* Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.</p>
* <p>To update a pipe that is using the default Amazon Web Services owned key to use a customer managed key instead, or update a pipe that is using a customer managed key to use a
* different customer managed key, specify a customer managed key identifier.</p>
* <p>To update a pipe that is using a customer managed key to use the default Amazon Web Services owned key, specify an empty string.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html">Managing keys</a> in the <i>Key Management Service
* Developer Guide</i>. </p>
* @public
*/
KmsKeyIdentifier?: string;
}

/**
Expand Down
3 changes: 3 additions & 0 deletions clients/client-pipes/src/protocols/Aws_restJson1.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,7 @@ export const se_CreatePipeCommand = async (
DesiredState: [],
Enrichment: [],
EnrichmentParameters: (_) => _json(_),
KmsKeyIdentifier: [],
LogConfiguration: (_) => _json(_),
RoleArn: [],
Source: [],
Expand Down Expand Up @@ -318,6 +319,7 @@ export const se_UpdatePipeCommand = async (
DesiredState: [],
Enrichment: [],
EnrichmentParameters: (_) => _json(_),
KmsKeyIdentifier: [],
LogConfiguration: (_) => _json(_),
RoleArn: [],
SourceParameters: (_) => _json(_),
Expand Down Expand Up @@ -403,6 +405,7 @@ export const de_DescribePipeCommand = async (
DesiredState: __expectString,
Enrichment: __expectString,
EnrichmentParameters: _json,
KmsKeyIdentifier: __expectString,
LastModifiedTime: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
LogConfiguration: _json,
Name: __expectString,
Expand Down
34 changes: 31 additions & 3 deletions codegen/sdk-codegen/aws-models/pipes.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -547,6 +547,12 @@
"aws.cloudformation#cfnMutability": "write",
"smithy.api#documentation": "<p>The logging configuration settings for the pipe.</p>"
}
},
"KmsKeyIdentifier": {
"target": "com.amazonaws.pipes#KmsKeyIdentifier",
"traits": {
"smithy.api#documentation": "<p>The identifier of the KMS\n customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key \n Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.</p>\n <p>If you do not specify a customer managed key identifier, EventBridge uses an\n Amazon Web Services owned key to encrypt pipe data.</p>\n <p>For more information, see <a href=\"https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html\">Managing keys</a> in the <i>Key Management Service\n Developer Guide</i>. </p>"
}
}
},
"traits": {
Expand Down Expand Up @@ -887,6 +893,12 @@
"aws.cloudformation#cfnMutability": "read",
"smithy.api#documentation": "<p>The logging configuration settings for the pipe.</p>"
}
},
"KmsKeyIdentifier": {
"target": "com.amazonaws.pipes#KmsKeyIdentifier",
"traits": {
"smithy.api#documentation": "<p>The identifier of the KMS\n customer managed key for EventBridge to use to encrypt pipe data, if one has been specified.</p>\n <p>For more information, see <a href=\"https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html\">Data encryption in EventBridge</a> in the <i>Amazon EventBridge User Guide</i>.</p>"
}
}
},
"traits": {
Expand Down Expand Up @@ -1563,6 +1575,16 @@
]
}
},
"com.amazonaws.pipes#KmsKeyIdentifier": {
"type": "string",
"traits": {
"smithy.api#length": {
"min": 0,
"max": 2048
},
"smithy.api#pattern": "^[a-zA-Z0-9_\\-/:]*$"
}
},
"com.amazonaws.pipes#LaunchType": {
"type": "string",
"traits": {
Expand Down Expand Up @@ -4383,7 +4405,7 @@
"OutputFormat": {
"target": "com.amazonaws.pipes#S3OutputFormat",
"traits": {
"smithy.api#documentation": "<p>The format EventBridge uses for the log records.</p>\n <ul>\n <li>\n <p>\n <code>json</code>: JSON </p>\n </li>\n <li>\n <p>\n <code>plain</code>: Plain text</p>\n </li>\n <li>\n <p>\n <code>w3c</code>: <a href=\"https://www.w3.org/TR/WD-logfile\">W3C extended\n logging file format</a>\n </p>\n </li>\n </ul>"
"smithy.api#documentation": "<p>The format EventBridge uses for the log records.</p>\n <p>EventBridge currently only supports <code>json</code> formatting.</p>"
}
}
},
Expand Down Expand Up @@ -4416,7 +4438,7 @@
"OutputFormat": {
"target": "com.amazonaws.pipes#S3OutputFormat",
"traits": {
"smithy.api#documentation": "<p>How EventBridge should format the log records.</p>\n <ul>\n <li>\n <p>\n <code>json</code>: JSON </p>\n </li>\n <li>\n <p>\n <code>plain</code>: Plain text</p>\n </li>\n <li>\n <p>\n <code>w3c</code>: <a href=\"https://www.w3.org/TR/WD-logfile\">W3C extended\n logging file format</a>\n </p>\n </li>\n </ul>"
"smithy.api#documentation": "<p>How EventBridge should format the log records.</p>\n <p>EventBridge currently only supports <code>json</code> formatting.</p>"
}
},
"Prefix": {
Expand Down Expand Up @@ -4620,7 +4642,7 @@
"SecurityGroup": {
"target": "com.amazonaws.pipes#SecurityGroupIds",
"traits": {
"smithy.api#documentation": "<p>Specifies the security groups associated with the stream. These security groups must all\n be in the same VPC. You can specify as many as five security groups. If you do not specify\n a security group, the default security group for the VPC is used.</p>"
"smithy.api#documentation": "<p>Specifies the security groups associated with the stream. These security groups must all\n be in the same VPC. You can specify as many as five security groups.</p>"
}
}
},
Expand Down Expand Up @@ -5402,6 +5424,12 @@
"aws.cloudformation#cfnMutability": "write",
"smithy.api#documentation": "<p>The logging configuration settings for the pipe.</p>"
}
},
"KmsKeyIdentifier": {
"target": "com.amazonaws.pipes#KmsKeyIdentifier",
"traits": {
"smithy.api#documentation": "<p>The identifier of the KMS\n customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key \n Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.</p>\n <p>To update a pipe that is using the default Amazon Web Services owned key to use a customer managed key instead, or update a pipe that is using a customer managed key to use a\n different customer managed key, specify a customer managed key identifier.</p>\n <p>To update a pipe that is using a customer managed key to use the default Amazon Web Services owned key, specify an empty string.</p>\n <p>For more information, see <a href=\"https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html\">Managing keys</a> in the <i>Key Management Service\n Developer Guide</i>. </p>"
}
}
},
"traits": {
Expand Down

0 comments on commit a0eda25

Please sign in to comment.