// Code generated by smithy-go-codegen DO NOT EDIT.

// Package kms provides the API client, operations, and parameter types for AWS Key
// Management Service.
//
// AWS Key Management Service AWS Key Management Service (AWS KMS) is an encryption
// and key management web service. This guide describes the AWS KMS operations that
// you can call programmatically. For general information about AWS KMS, see the
// AWS Key Management Service Developer Guide
// (https://docs.aws.amazon.com/kms/latest/developerguide/). AWS provides SDKs that
// consist of libraries and sample code for various programming languages and
// platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs provide a
// convenient way to create programmatic access to AWS KMS and other AWS services.
// For example, the SDKs take care of tasks such as signing requests (see below),
// managing errors, and retrying requests automatically. For more information about
// the AWS SDKs, including how to download and install them, see Tools for Amazon
// Web Services (http://aws.amazon.com/tools/). We recommend that you use the AWS
// SDKs to make programmatic API calls to AWS KMS. Clients must support TLS
// (Transport Layer Security) 1.0. We recommend TLS 1.2. Clients must also support
// cipher suites with Perfect Forward Secrecy (PFS) such as Ephemeral
// Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most
// modern systems such as Java 7 and later support these modes. Signing Requests
// Requests must be signed by using an access key ID and a secret access key. We
// strongly recommend that you do not use your AWS account (root) access key ID and
// secret key for everyday work with AWS KMS. Instead, use the access key ID and
// secret access key for an IAM user. You can also use the AWS Security Token
// Service to generate temporary security credentials that you can use to sign
// requests. All AWS KMS operations require Signature Version 4
// (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
// Logging API Requests AWS KMS supports AWS CloudTrail, a service that logs AWS
// API calls and related events for your AWS account and delivers them to an Amazon
// S3 bucket that you specify. By using the information collected by CloudTrail,
// you can determine what requests were made to AWS KMS, who made the request, when
// it was made, and so on. To learn more about CloudTrail, including how to turn it
// on and find your log files, see the AWS CloudTrail User Guide
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/). Additional
// Resources For more information about credentials and request signing, see the
// following:
//
// * AWS Security Credentials
// (https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) -
// This topic provides general information about the types of credentials used for
// accessing AWS.
//
// * Temporary Security Credentials
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) -
// This section of the IAM User Guide describes how to create and use temporary
// security credentials.
//
// * Signature Version 4 Signing Process
// (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) - This
// set of topics walks you through the process of signing a request using an access
// key ID and a secret access key.
//
// Commonly Used API Operations Of the API
// operations discussed in this guide, the following will prove the most useful for
// most applications. You will likely perform operations other than these, such as
// creating keys and assigning policies, by using the console.
//
// * Encrypt
//
// *
// Decrypt
//
// * GenerateDataKey
//
// * GenerateDataKeyWithoutPlaintext
package kms