Amazon EventBridge introduces KMS customer-managed key (CMK) encrypti…

…on support for custom and partner events published on EventBridge Event Bus (including default bus) and UpdateEventBus API.
aws · May 13, 2024 · 0b1c1c2 · 0b1c1c2
1 parent 7ecd278
commit 0b1c1c2
Show file tree

Hide file tree

Showing 35 changed files with 2,012 additions and 108 deletions.
diff --git a/generator/ServiceModels/eventbridge/eventbridge-2015-10-07.api.json b/generator/ServiceModels/eventbridge/eventbridge-2015-10-07.api.json
@@ -5,6 +5,7 @@
     "endpointPrefix":"events",
     "jsonVersion":"1.1",
     "protocol":"json",
+    "protocols":["json"],
     "serviceFullName":"Amazon EventBridge",
     "serviceId":"EventBridge",
     "signatureVersion":"v4",
@@ -793,6 +794,21 @@
         {"shape":"ConcurrentModificationException"},
         {"shape":"InternalException"}
       ]
+    },
+    "UpdateEventBus":{
+      "name":"UpdateEventBus",
+      "http":{
+        "method":"POST",
+        "requestUri":"/"
+      },
+      "input":{"shape":"UpdateEventBusRequest"},
+      "output":{"shape":"UpdateEventBusResponse"},
+      "errors":[
+        {"shape":"ResourceNotFoundException"},
+        {"shape":"InternalException"},
+        {"shape":"ConcurrentModificationException"},
+        {"shape":"OperationDisabledException"}
+      ]
     }
   },
   "shapes":{
@@ -1367,13 +1383,19 @@
       "members":{
         "Name":{"shape":"EventBusName"},
         "EventSourceName":{"shape":"EventSourceName"},
+        "Description":{"shape":"EventBusDescription"},
+        "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"},
+        "DeadLetterConfig":{"shape":"DeadLetterConfig"},
         "Tags":{"shape":"TagList"}
       }
     },
     "CreateEventBusResponse":{
       "type":"structure",
       "members":{
-        "EventBusArn":{"shape":"String"}
+        "EventBusArn":{"shape":"String"},
+        "Description":{"shape":"EventBusDescription"},
+        "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"},
+        "DeadLetterConfig":{"shape":"DeadLetterConfig"}
       }
     },
     "CreatePartnerEventSourceRequest":{
@@ -1623,7 +1645,12 @@
       "members":{
         "Name":{"shape":"String"},
         "Arn":{"shape":"String"},
-        "Policy":{"shape":"String"}
+        "Description":{"shape":"EventBusDescription"},
+        "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"},
+        "DeadLetterConfig":{"shape":"DeadLetterConfig"},
+        "Policy":{"shape":"String"},
+        "CreationTime":{"shape":"Timestamp"},
+        "LastModifiedTime":{"shape":"Timestamp"}
       }
     },
     "DescribeEventSourceRequest":{
@@ -1830,9 +1857,16 @@
       "members":{
         "Name":{"shape":"String"},
         "Arn":{"shape":"String"},
-        "Policy":{"shape":"String"}
+        "Description":{"shape":"EventBusDescription"},
+        "Policy":{"shape":"String"},
+        "CreationTime":{"shape":"Timestamp"},
+        "LastModifiedTime":{"shape":"Timestamp"}
       }
     },
+    "EventBusDescription":{
+      "type":"string",
+      "max":512
+    },
     "EventBusList":{
       "type":"list",
       "member":{"shape":"EventBus"}
@@ -2018,6 +2052,10 @@
         "PartitionKeyPath":{"shape":"TargetPartitionKeyPath"}
       }
     },
+    "KmsKeyIdentifier":{
+      "type":"string",
+      "max":2048
+    },
     "LaunchType":{
       "type":"string",
       "enum":[
@@ -3257,6 +3295,25 @@
         "EndpointUrl":{"shape":"EndpointUrl"},
         "State":{"shape":"EndpointState"}
       }
+    },
+    "UpdateEventBusRequest":{
+      "type":"structure",
+      "members":{
+        "Name":{"shape":"EventBusName"},
+        "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"},
+        "Description":{"shape":"EventBusDescription"},
+        "DeadLetterConfig":{"shape":"DeadLetterConfig"}
+      }
+    },
+    "UpdateEventBusResponse":{
+      "type":"structure",
+      "members":{
+        "Arn":{"shape":"String"},
+        "Name":{"shape":"EventBusName"},
+        "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"},
+        "Description":{"shape":"EventBusDescription"},
+        "DeadLetterConfig":{"shape":"DeadLetterConfig"}
+      }
     }
   }
 }
diff --git a/generator/ServiceModels/eventbridge/eventbridge-2015-10-07.docs.json b/generator/ServiceModels/eventbridge/eventbridge-2015-10-07.docs.json
diff --git a/generator/ServiceModels/eventbridge/eventbridge-2015-10-07.normal.json b/generator/ServiceModels/eventbridge/eventbridge-2015-10-07.normal.json
diff --git a/sdk/code-analysis/ServiceAnalysis/EventBridge/Generated/PropertyValueRules.xml b/sdk/code-analysis/ServiceAnalysis/EventBridge/Generated/PropertyValueRules.xml
@@ -143,18 +143,34 @@
     <max>256</max>
     <pattern>^arn:aws[a-z-]*:iam::\d{12}:role\/[\w+=,.@/-]+$</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.CreateEventBusRequest.Description</property>
+    <max>512</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.EventBridge.Model.CreateEventBusRequest.EventSourceName</property>
     <min>1</min>
     <max>256</max>
     <pattern>aws\.partner(/[\.\-_A-Za-z0-9]+){2,}</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.CreateEventBusRequest.KmsKeyIdentifier</property>
+    <max>2048</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.EventBridge.Model.CreateEventBusRequest.Name</property>
     <min>1</min>
     <max>256</max>
     <pattern>[/\.\-_A-Za-z0-9]+</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.CreateEventBusResponse.Description</property>
+    <max>512</max>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.CreateEventBusResponse.KmsKeyIdentifier</property>
+    <max>2048</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.EventBridge.Model.CreatePartnerEventSourceRequest.Account</property>
     <min>12</min>
@@ -418,6 +434,14 @@
     <max>1600</max>
     <pattern>(arn:aws[\w-]*:events:[a-z]{2}-[a-z]+-[\w-]+:[0-9]{12}:event-bus\/)?[/\.\-_A-Za-z0-9]+</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.DescribeEventBusResponse.Description</property>
+    <max>512</max>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.DescribeEventBusResponse.KmsKeyIdentifier</property>
+    <max>2048</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.EventBridge.Model.DescribeEventSourceRequest.Name</property>
     <min>1</min>
@@ -1107,6 +1131,34 @@
     <max>256</max>
     <pattern>^arn:aws[a-z-]*:iam::\d{12}:role\/[\w+=,.@/-]+$</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.UpdateEventBusRequest.Description</property>
+    <max>512</max>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.UpdateEventBusRequest.KmsKeyIdentifier</property>
+    <max>2048</max>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.UpdateEventBusRequest.Name</property>
+    <min>1</min>
+    <max>256</max>
+    <pattern>[/\.\-_A-Za-z0-9]+</pattern>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.UpdateEventBusResponse.Description</property>
+    <max>512</max>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.UpdateEventBusResponse.KmsKeyIdentifier</property>
+    <max>2048</max>
+  </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.UpdateEventBusResponse.Name</property>
+    <min>1</min>
+    <max>256</max>
+    <pattern>[/\.\-_A-Za-z0-9]+</pattern>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.EventBridge.Model.ApiDestination.ApiDestinationArn</property>
     <min>1</min>
@@ -1343,6 +1395,10 @@
     <max>512</max>
     <pattern>^arn:aws[a-z-]*:events:[a-z]{2}-[a-z-]+-\d+:\d{12}:event-bus/[\w.-]+$</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.EventBridge.Model.EventBus.Description</property>
+    <max>512</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.EventBridge.Model.InputTransformer.InputTemplate</property>
     <min>1</min>

diff --git a/sdk/src/Services/EventBridge/Generated/Model/CreateArchiveRequest.cs b/sdk/src/Services/EventBridge/Generated/Model/CreateArchiveRequest.cs
@@ -36,6 +36,35 @@ namespace Amazon.EventBridge.Model
     /// period of time for changes to take effect. If you do not specify a pattern to filter
     /// events sent to the archive, all events are sent to the archive except replayed events.
     /// Replayed events are not sent to an archive.
+    /// 
+    ///  <note> 
+    /// <para>
+    /// Archives and schema discovery are not supported for event buses encrypted using a
+    /// customer managed key. EventBridge returns an error if:
+    /// </para>
+    ///  <ul> <li> 
+    /// <para>
+    /// You call <c> <a href="https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html">CreateArchive</a>
+    /// </c> on an event bus set to use a customer managed key for encryption.
+    /// </para>
+    ///  </li> <li> 
+    /// <para>
+    /// You call <c> <a href="https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer">CreateDiscoverer</a>
+    /// </c> on an event bus set to use a customer managed key for encryption.
+    /// </para>
+    ///  </li> <li> 
+    /// <para>
+    /// You call <c> <a href="https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html">UpdatedEventBus</a>
+    /// </c> to set a customer managed key on an event bus with an archives or schema discovery
+    /// enabled.
+    /// </para>
+    ///  </li> </ul> 
+    /// <para>
+    /// To enable archives or schema discovery on an event bus, choose to use an Amazon Web
+    /// Services owned key. For more information, see <a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html">Data
+    /// encryption in EventBridge</a> in the <i>Amazon EventBridge User Guide</i>.
+    /// </para>
+    ///  </note>
     /// </summary>
     public partial class CreateArchiveRequest : AmazonEventBridgeRequest
     {

diff --git a/sdk/src/Services/EventBridge/Generated/Model/CreateEventBusRequest.cs b/sdk/src/Services/EventBridge/Generated/Model/CreateEventBusRequest.cs
@@ -37,10 +37,47 @@ namespace Amazon.EventBridge.Model
     /// </summary>
     public partial class CreateEventBusRequest : AmazonEventBridgeRequest
     {
+        private DeadLetterConfig _deadLetterConfig;
+        private string _description;
         private string _eventSourceName;
+        private string _kmsKeyIdentifier;
         private string _name;
         private List<Tag> _tags = AWSConfigs.InitializeCollections ? new List<Tag>() : null;
 
+        /// <summary>
+        /// Gets and sets the property DeadLetterConfig.
+        /// </summary>
+        public DeadLetterConfig DeadLetterConfig
+        {
+            get { return this._deadLetterConfig; }
+            set { this._deadLetterConfig = value; }
+        }
+
+        // Check to see if DeadLetterConfig property is set
+        internal bool IsSetDeadLetterConfig()
+        {
+            return this._deadLetterConfig != null;
+        }
+
+        /// <summary>
+        /// Gets and sets the property Description. 
+        /// <para>
+        /// The event bus description.
+        /// </para>
+        /// </summary>
+        [AWSProperty(Max=512)]
+        public string Description
+        {
+            get { return this._description; }
+            set { this._description = value; }
+        }
+
+        // Check to see if Description property is set
+        internal bool IsSetDescription()
+        {
+            return this._description != null;
+        }
+
         /// <summary>
         /// Gets and sets the property EventSourceName. 
         /// <para>
@@ -61,6 +98,65 @@ internal bool IsSetEventSourceName()
             return this._eventSourceName != null;
         }
 
+        /// <summary>
+        /// Gets and sets the property KmsKeyIdentifier. 
+        /// <para>
+        /// The identifier of the KMS customer managed key for EventBridge to use, if you choose
+        /// to use a customer managed key to encrypt events on this event bus. The identifier
+        /// can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.
+        /// </para>
+        ///  
+        /// <para>
+        /// If you do not specify a customer managed key identifier, EventBridge uses an Amazon
+        /// Web Services owned key to encrypt events on the event bus.
+        /// </para>
+        ///  
+        /// <para>
+        /// For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html">Managing
+        /// keys</a> in the <i>Key Management Service Developer Guide</i>. 
+        /// </para>
+        ///  <note> 
+        /// <para>
+        /// Archives and schema discovery are not supported for event buses encrypted using a
+        /// customer managed key. EventBridge returns an error if:
+        /// </para>
+        ///  <ul> <li> 
+        /// <para>
+        /// You call <c> <a href="https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html">CreateArchive</a>
+        /// </c> on an event bus set to use a customer managed key for encryption.
+        /// </para>
+        ///  </li> <li> 
+        /// <para>
+        /// You call <c> <a href="https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer">CreateDiscoverer</a>
+        /// </c> on an event bus set to use a customer managed key for encryption.
+        /// </para>
+        ///  </li> <li> 
+        /// <para>
+        /// You call <c> <a href="https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html">UpdatedEventBus</a>
+        /// </c> to set a customer managed key on an event bus with an archives or schema discovery
+        /// enabled.
+        /// </para>
+        ///  </li> </ul> 
+        /// <para>
+        /// To enable archives or schema discovery on an event bus, choose to use an Amazon Web
+        /// Services owned key. For more information, see <a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html">Data
+        /// encryption in EventBridge</a> in the <i>Amazon EventBridge User Guide</i>.
+        /// </para>
+        ///  </note>
+        /// </summary>
+        [AWSProperty(Max=2048)]
+        public string KmsKeyIdentifier
+        {
+            get { return this._kmsKeyIdentifier; }
+            set { this._kmsKeyIdentifier = value; }
+        }
+
+        // Check to see if KmsKeyIdentifier property is set
+        internal bool IsSetKmsKeyIdentifier()
+        {
+            return this._kmsKeyIdentifier != null;
+        }
+
         /// <summary>
         /// Gets and sets the property Name. 
         /// <para>