github.com/aavshr/aws-sdk-go@v1.41.3/service/kms/errors.go

// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.

package kms

import (
	"github.com/aavshr/aws-sdk-go/private/protocol"
)

const (

	// ErrCodeAlreadyExistsException for service response error code
	// "AlreadyExistsException".
	//
	// The request was rejected because it attempted to create a resource that already
	// exists.
	ErrCodeAlreadyExistsException = "AlreadyExistsException"

	// ErrCodeCloudHsmClusterInUseException for service response error code
	// "CloudHsmClusterInUseException".
	//
	// The request was rejected because the specified CloudHSM cluster is already
	// associated with a custom key store or it shares a backup history with a cluster
	// that is associated with a custom key store. Each custom key store must be
	// associated with a different CloudHSM cluster.
	//
	// Clusters that share a backup history have the same cluster certificate. To
	// view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html)
	// operation.
	ErrCodeCloudHsmClusterInUseException = "CloudHsmClusterInUseException"

	// ErrCodeCloudHsmClusterInvalidConfigurationException for service response error code
	// "CloudHsmClusterInvalidConfigurationException".
	//
	// The request was rejected because the associated CloudHSM cluster did not
	// meet the configuration requirements for a custom key store.
	//
	//    * The cluster must be configured with private subnets in at least two
	//    different Availability Zones in the Region.
	//
	//    * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html)
	//    (cloudhsm-cluster-<cluster-id>-sg) must include inbound rules and outbound
	//    rules that allow TCP traffic on ports 2223-2225. The Source in the inbound
	//    rules and the Destination in the outbound rules must match the security
	//    group ID. These rules are set by default when you create the cluster.
	//    Do not delete or change them. To get information about a particular security
	//    group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html)
	//    operation.
	//
	//    * The cluster must contain at least as many HSMs as the operation requires.
	//    To add HSMs, use the CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html)
	//    operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey
	//    operations, the CloudHSM cluster must have at least two active HSMs, each
	//    in a different Availability Zone. For the ConnectCustomKeyStore operation,
	//    the CloudHSM must contain at least one active HSM.
	//
	// For information about the requirements for an CloudHSM cluster that is associated
	// with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore)
	// in the Key Management Service Developer Guide. For information about creating
	// a private subnet for an CloudHSM cluster, see Create a Private Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html)
	// in the CloudHSM User Guide. For information about cluster security groups,
	// see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html)
	// in the CloudHSM User Guide .
	ErrCodeCloudHsmClusterInvalidConfigurationException = "CloudHsmClusterInvalidConfigurationException"

	// ErrCodeCloudHsmClusterNotActiveException for service response error code
	// "CloudHsmClusterNotActiveException".
	//
	// The request was rejected because the CloudHSM cluster that is associated
	// with the custom key store is not active. Initialize and activate the cluster
	// and try the command again. For detailed instructions, see Getting Started
	// (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html)
	// in the CloudHSM User Guide.
	ErrCodeCloudHsmClusterNotActiveException = "CloudHsmClusterNotActiveException"

	// ErrCodeCloudHsmClusterNotFoundException for service response error code
	// "CloudHsmClusterNotFoundException".
	//
	// The request was rejected because KMS cannot find the CloudHSM cluster with
	// the specified cluster ID. Retry the request with a different cluster ID.
	ErrCodeCloudHsmClusterNotFoundException = "CloudHsmClusterNotFoundException"

	// ErrCodeCloudHsmClusterNotRelatedException for service response error code
	// "CloudHsmClusterNotRelatedException".
	//
	// The request was rejected because the specified CloudHSM cluster has a different
	// cluster certificate than the original cluster. You cannot use the operation
	// to specify an unrelated cluster.
	//
	// Specify a cluster that shares a backup history with the original cluster.
	// This includes clusters that were created from a backup of the current cluster,
	// and clusters that were created from the same backup that produced the current
	// cluster.
	//
	// Clusters that share a backup history have the same cluster certificate. To
	// view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html)
	// operation.
	ErrCodeCloudHsmClusterNotRelatedException = "CloudHsmClusterNotRelatedException"

	// ErrCodeCustomKeyStoreHasCMKsException for service response error code
	// "CustomKeyStoreHasCMKsException".
	//
	// The request was rejected because the custom key store contains KMS keys.
	// After verifying that you do not need to use the KMS keys, use the ScheduleKeyDeletion
	// operation to delete the KMS keys. After they are deleted, you can delete
	// the custom key store.
	ErrCodeCustomKeyStoreHasCMKsException = "CustomKeyStoreHasCMKsException"

	// ErrCodeCustomKeyStoreInvalidStateException for service response error code
	// "CustomKeyStoreInvalidStateException".
	//
	// The request was rejected because of the ConnectionState of the custom key
	// store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores
	// operation.
	//
	// This exception is thrown under the following conditions:
	//
	//    * You requested the CreateKey or GenerateRandom operation in a custom
	//    key store that is not connected. These operations are valid only when
	//    the custom key store ConnectionState is CONNECTED.
	//
	//    * You requested the UpdateCustomKeyStore or DeleteCustomKeyStore operation
	//    on a custom key store that is not disconnected. This operation is valid
	//    only when the custom key store ConnectionState is DISCONNECTED.
	//
	//    * You requested the ConnectCustomKeyStore operation on a custom key store
	//    with a ConnectionState of DISCONNECTING or FAILED. This operation is valid
	//    for all other ConnectionState values.
	ErrCodeCustomKeyStoreInvalidStateException = "CustomKeyStoreInvalidStateException"

	// ErrCodeCustomKeyStoreNameInUseException for service response error code
	// "CustomKeyStoreNameInUseException".
	//
	// The request was rejected because the specified custom key store name is already
	// assigned to another custom key store in the account. Try again with a custom
	// key store name that is unique in the account.
	ErrCodeCustomKeyStoreNameInUseException = "CustomKeyStoreNameInUseException"

	// ErrCodeCustomKeyStoreNotFoundException for service response error code
	// "CustomKeyStoreNotFoundException".
	//
	// The request was rejected because KMS cannot find a custom key store with
	// the specified key store name or ID.
	ErrCodeCustomKeyStoreNotFoundException = "CustomKeyStoreNotFoundException"

	// ErrCodeDependencyTimeoutException for service response error code
	// "DependencyTimeoutException".
	//
	// The system timed out while trying to fulfill the request. The request can
	// be retried.
	ErrCodeDependencyTimeoutException = "DependencyTimeoutException"

	// ErrCodeDisabledException for service response error code
	// "DisabledException".
	//
	// The request was rejected because the specified KMS key is not enabled.
	ErrCodeDisabledException = "DisabledException"

	// ErrCodeExpiredImportTokenException for service response error code
	// "ExpiredImportTokenException".
	//
	// The request was rejected because the specified import token is expired. Use
	// GetParametersForImport to get a new import token and public key, use the
	// new public key to encrypt the key material, and then try the request again.
	ErrCodeExpiredImportTokenException = "ExpiredImportTokenException"

	// ErrCodeIncorrectKeyException for service response error code
	// "IncorrectKeyException".
	//
	// The request was rejected because the specified KMS key cannot decrypt the
	// data. The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request
	// must identify the same KMS key that was used to encrypt the ciphertext.
	ErrCodeIncorrectKeyException = "IncorrectKeyException"

	// ErrCodeIncorrectKeyMaterialException for service response error code
	// "IncorrectKeyMaterialException".
	//
	// The request was rejected because the key material in the request is, expired,
	// invalid, or is not the same key material that was previously imported into
	// this KMS key.
	ErrCodeIncorrectKeyMaterialException = "IncorrectKeyMaterialException"

	// ErrCodeIncorrectTrustAnchorException for service response error code
	// "IncorrectTrustAnchorException".
	//
	// The request was rejected because the trust anchor certificate in the request
	// is not the trust anchor certificate for the specified CloudHSM cluster.
	//
	// When you initialize the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr),
	// you create the trust anchor certificate and save it in the customerCA.crt
	// file.
	ErrCodeIncorrectTrustAnchorException = "IncorrectTrustAnchorException"

	// ErrCodeInternalException for service response error code
	// "KMSInternalException".
	//
	// The request was rejected because an internal exception occurred. The request
	// can be retried.
	ErrCodeInternalException = "KMSInternalException"

	// ErrCodeInvalidAliasNameException for service response error code
	// "InvalidAliasNameException".
	//
	// The request was rejected because the specified alias name is not valid.
	ErrCodeInvalidAliasNameException = "InvalidAliasNameException"

	// ErrCodeInvalidArnException for service response error code
	// "InvalidArnException".
	//
	// The request was rejected because a specified ARN, or an ARN in a key policy,
	// is not valid.
	ErrCodeInvalidArnException = "InvalidArnException"

	// ErrCodeInvalidCiphertextException for service response error code
	// "InvalidCiphertextException".
	//
	// From the Decrypt or ReEncrypt operation, the request was rejected because
	// the specified ciphertext, or additional authenticated data incorporated into
	// the ciphertext, such as the encryption context, is corrupted, missing, or
	// otherwise invalid.
	//
	// From the ImportKeyMaterial operation, the request was rejected because KMS
	// could not decrypt the encrypted (wrapped) key material.
	ErrCodeInvalidCiphertextException = "InvalidCiphertextException"

	// ErrCodeInvalidGrantIdException for service response error code
	// "InvalidGrantIdException".
	//
	// The request was rejected because the specified GrantId is not valid.
	ErrCodeInvalidGrantIdException = "InvalidGrantIdException"

	// ErrCodeInvalidGrantTokenException for service response error code
	// "InvalidGrantTokenException".
	//
	// The request was rejected because the specified grant token is not valid.
	ErrCodeInvalidGrantTokenException = "InvalidGrantTokenException"

	// ErrCodeInvalidImportTokenException for service response error code
	// "InvalidImportTokenException".
	//
	// The request was rejected because the provided import token is invalid or
	// is associated with a different KMS key.
	ErrCodeInvalidImportTokenException = "InvalidImportTokenException"

	// ErrCodeInvalidKeyUsageException for service response error code
	// "InvalidKeyUsageException".
	//
	// The request was rejected for one of the following reasons:
	//
	//    * The KeyUsage value of the KMS key is incompatible with the API operation.
	//
	//    * The encryption algorithm or signing algorithm specified for the operation
	//    is incompatible with the type of key material in the KMS key (KeySpec).
	//
	// For encrypting, decrypting, re-encrypting, and generating data keys, the
	// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage
	// must be SIGN_VERIFY. To find the KeyUsage of a KMS key, use the DescribeKey
	// operation.
	//
	// To find the encryption or signing algorithms supported for a particular KMS
	// key, use the DescribeKey operation.
	ErrCodeInvalidKeyUsageException = "InvalidKeyUsageException"

	// ErrCodeInvalidMarkerException for service response error code
	// "InvalidMarkerException".
	//
	// The request was rejected because the marker that specifies where pagination
	// should next begin is not valid.
	ErrCodeInvalidMarkerException = "InvalidMarkerException"

	// ErrCodeInvalidStateException for service response error code
	// "KMSInvalidStateException".
	//
	// The request was rejected because the state of the specified resource is not
	// valid for this request.
	//
	// For more information about how key state affects the use of a KMS key, see
	// Key state: Effect on your KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
	// in the Key Management Service Developer Guide .
	ErrCodeInvalidStateException = "KMSInvalidStateException"

	// ErrCodeKMSInvalidSignatureException for service response error code
	// "KMSInvalidSignatureException".
	//
	// The request was rejected because the signature verification failed. Signature
	// verification fails when it cannot confirm that signature was produced by
	// signing the specified message with the specified KMS key and signing algorithm.
	ErrCodeKMSInvalidSignatureException = "KMSInvalidSignatureException"

	// ErrCodeKeyUnavailableException for service response error code
	// "KeyUnavailableException".
	//
	// The request was rejected because the specified KMS key was not available.
	// You can retry the request.
	ErrCodeKeyUnavailableException = "KeyUnavailableException"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceededException".
	//
	// The request was rejected because a quota was exceeded. For more information,
	// see Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html)
	// in the Key Management Service Developer Guide.
	ErrCodeLimitExceededException = "LimitExceededException"

	// ErrCodeMalformedPolicyDocumentException for service response error code
	// "MalformedPolicyDocumentException".
	//
	// The request was rejected because the specified policy is not syntactically
	// or semantically correct.
	ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocumentException"

	// ErrCodeNotFoundException for service response error code
	// "NotFoundException".
	//
	// The request was rejected because the specified entity or resource could not
	// be found.
	ErrCodeNotFoundException = "NotFoundException"

	// ErrCodeTagException for service response error code
	// "TagException".
	//
	// The request was rejected because one or more tags are not valid.
	ErrCodeTagException = "TagException"

	// ErrCodeUnsupportedOperationException for service response error code
	// "UnsupportedOperationException".
	//
	// The request was rejected because a specified parameter is not supported or
	// a specified resource is not valid for this operation.
	ErrCodeUnsupportedOperationException = "UnsupportedOperationException"
)

var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
	"AlreadyExistsException":                       newErrorAlreadyExistsException,
	"CloudHsmClusterInUseException":                newErrorCloudHsmClusterInUseException,
	"CloudHsmClusterInvalidConfigurationException": newErrorCloudHsmClusterInvalidConfigurationException,
	"CloudHsmClusterNotActiveException":            newErrorCloudHsmClusterNotActiveException,
	"CloudHsmClusterNotFoundException":             newErrorCloudHsmClusterNotFoundException,
	"CloudHsmClusterNotRelatedException":           newErrorCloudHsmClusterNotRelatedException,
	"CustomKeyStoreHasCMKsException":               newErrorCustomKeyStoreHasCMKsException,
	"CustomKeyStoreInvalidStateException":          newErrorCustomKeyStoreInvalidStateException,
	"CustomKeyStoreNameInUseException":             newErrorCustomKeyStoreNameInUseException,
	"CustomKeyStoreNotFoundException":              newErrorCustomKeyStoreNotFoundException,
	"DependencyTimeoutException":                   newErrorDependencyTimeoutException,
	"DisabledException":                            newErrorDisabledException,
	"ExpiredImportTokenException":                  newErrorExpiredImportTokenException,
	"IncorrectKeyException":                        newErrorIncorrectKeyException,
	"IncorrectKeyMaterialException":                newErrorIncorrectKeyMaterialException,
	"IncorrectTrustAnchorException":                newErrorIncorrectTrustAnchorException,
	"KMSInternalException":                         newErrorInternalException,
	"InvalidAliasNameException":                    newErrorInvalidAliasNameException,
	"InvalidArnException":                          newErrorInvalidArnException,
	"InvalidCiphertextException":                   newErrorInvalidCiphertextException,
	"InvalidGrantIdException":                      newErrorInvalidGrantIdException,
	"InvalidGrantTokenException":                   newErrorInvalidGrantTokenException,
	"InvalidImportTokenException":                  newErrorInvalidImportTokenException,
	"InvalidKeyUsageException":                     newErrorInvalidKeyUsageException,
	"InvalidMarkerException":                       newErrorInvalidMarkerException,
	"KMSInvalidStateException":                     newErrorInvalidStateException,
	"KMSInvalidSignatureException":                 newErrorKMSInvalidSignatureException,
	"KeyUnavailableException":                      newErrorKeyUnavailableException,
	"LimitExceededException":                       newErrorLimitExceededException,
	"MalformedPolicyDocumentException":             newErrorMalformedPolicyDocumentException,
	"NotFoundException":                            newErrorNotFoundException,
	"TagException":                                 newErrorTagException,
	"UnsupportedOperationException":                newErrorUnsupportedOperationException,
}