aws
diff --git a/‎generator/ServiceModels/dsql/dsql-2018-05-10.api.json
Lines changed: 40 additions & 1 deletion b/‎generator/ServiceModels/dsql/dsql-2018-05-10.api.json
Lines changed: 40 additions & 1 deletion
diff --git a/‎generator/ServiceModels/dsql/dsql-2018-05-10.docs.json
Lines changed: 32 additions & 0 deletions b/‎generator/ServiceModels/dsql/dsql-2018-05-10.docs.json
Lines changed: 32 additions & 0 deletions
diff --git a/‎generator/ServiceModels/dsql/dsql-2018-05-10.normal.json
Lines changed: 62 additions & 1 deletion b/‎generator/ServiceModels/dsql/dsql-2018-05-10.normal.json
Lines changed: 62 additions & 1 deletion
diff --git a/‎sdk/code-analysis/ServiceAnalysis/DSQL/Generated/PropertyValueRules.xml
Lines changed: 12 additions & 0 deletions b/‎sdk/code-analysis/ServiceAnalysis/DSQL/Generated/PropertyValueRules.xml
Lines changed: 12 additions & 0 deletions
diff --git a/‎sdk/src/Services/DSQL/Generated/Model/CreateClusterRequest.cs
Lines changed: 22 additions & 0 deletions b/‎sdk/src/Services/DSQL/Generated/Model/CreateClusterRequest.cs
Lines changed: 22 additions & 0 deletions
diff --git a/‎sdk/src/Services/DSQL/Generated/Model/CreateClusterResponse.cs
Lines changed: 20 additions & 0 deletions b/‎sdk/src/Services/DSQL/Generated/Model/CreateClusterResponse.cs
Lines changed: 20 additions & 0 deletions
@@ -258,6 +258,7 @@
       "type":"structure",
       "members":{
         "deletionProtectionEnabled":{"shape":"DeletionProtectionEnabled"},
+        "kmsEncryptionKey":{"shape":"KmsEncryptionKey"},
         "tags":{"shape":"TagMap"},
         "clientToken":{
           "shape":"ClientToken",
@@ -281,6 +282,7 @@
         "status":{"shape":"ClusterStatus"},
         "creationTime":{"shape":"ClusterCreationTime"},
         "multiRegionProperties":{"shape":"MultiRegionProperties"},
+        "encryptionDetails":{"shape":"EncryptionDetails"},
         "deletionProtectionEnabled":{"shape":"DeletionProtectionEnabled"}
       }
     },
@@ -320,6 +322,34 @@
       "type":"boolean",
       "box":true
     },
+    "EncryptionDetails":{
+      "type":"structure",
+      "required":[
+        "encryptionType",
+        "encryptionStatus"
+      ],
+      "members":{
+        "encryptionType":{"shape":"EncryptionType"},
+        "kmsKeyArn":{"shape":"KmsKeyArn"},
+        "encryptionStatus":{"shape":"EncryptionStatus"}
+      }
+    },
+    "EncryptionStatus":{
+      "type":"string",
+      "enum":[
+        "ENABLED",
+        "UPDATING",
+        "KMS_KEY_INACCESSIBLE",
+        "ENABLING"
+      ]
+    },
+    "EncryptionType":{
+      "type":"string",
+      "enum":[
+        "AWS_OWNED_KMS_KEY",
+        "CUSTOMER_MANAGED_KMS_KEY"
+      ]
+    },
     "GetClusterInput":{
       "type":"structure",
       "required":["identifier"],
@@ -347,7 +377,8 @@
         "creationTime":{"shape":"ClusterCreationTime"},
         "deletionProtectionEnabled":{"shape":"DeletionProtectionEnabled"},
         "multiRegionProperties":{"shape":"MultiRegionProperties"},
-        "tags":{"shape":"TagMap"}
+        "tags":{"shape":"TagMap"},
+        "encryptionDetails":{"shape":"EncryptionDetails"}
       }
     },
     "GetVpcEndpointServiceNameInput":{
@@ -388,6 +419,13 @@
       "fault":true,
       "retryable":{"throttling":false}
     },
+    "KmsEncryptionKey":{
+      "type":"string",
+      "max":2048,
+      "min":1,
+      "pattern":"[a-zA-Z0-9:/_-]+"
+    },
+    "KmsKeyArn":{"type":"string"},
     "ListClustersInput":{
       "type":"structure",
       "members":{
@@ -583,6 +621,7 @@
           "locationName":"identifier"
         },
         "deletionProtectionEnabled":{"shape":"DeletionProtectionEnabled"},
+        "kmsEncryptionKey":{"shape":"KmsEncryptionKey"},
         "clientToken":{
           "shape":"ClientToken",
           "idempotencyToken":true
 
@@ -129,6 +129,25 @@
         "UpdateClusterInput$deletionProtectionEnabled": "<p>Specifies whether to enable deletion protection in your cluster.</p>"
       }
     },
+    "EncryptionDetails": {
+      "base": "<p>Configuration details about encryption for the cluster including the KMS key ARN, encryption type, and encryption status.</p>",
+      "refs": {
+        "CreateClusterOutput$encryptionDetails": "<p>The encryption configuration for the cluster that was specified during the creation process, including the KMS key identifier and encryption state.</p>",
+        "GetClusterOutput$encryptionDetails": "<p>The current encryption configuration details for the cluster.</p>"
+      }
+    },
+    "EncryptionStatus": {
+      "base": null,
+      "refs": {
+        "EncryptionDetails$encryptionStatus": "<p>The status of encryption for the cluster.</p>"
+      }
+    },
+    "EncryptionType": {
+      "base": null,
+      "refs": {
+        "EncryptionDetails$encryptionType": "<p>The type of encryption that protects the data on your cluster.</p>"
+      }
+    },
     "GetClusterInput": {
       "base": null,
       "refs": {
@@ -161,6 +180,19 @@
       "refs": {
       }
     },
+    "KmsEncryptionKey": {
+      "base": null,
+      "refs": {
+        "CreateClusterInput$kmsEncryptionKey": "<p>The KMS key that encrypts and protects the data on your cluster. You can specify the ARN, ID, or alias of an existing key or have Amazon Web Services create a default key for you.</p>",
+        "UpdateClusterInput$kmsEncryptionKey": "<p>The KMS key that encrypts and protects the data on your cluster. You can specify the ARN, ID, or alias of an existing key or have Amazon Web Services create a default key for you.</p>"
+      }
+    },
+    "KmsKeyArn": {
+      "base": null,
+      "refs": {
+        "EncryptionDetails$kmsKeyArn": "<p>The ARN of the KMS key that encrypts data in the cluster.</p>"
+      }
+    },
     "ListClustersInput": {
       "base": null,
       "refs": {
 
@@ -295,6 +295,10 @@
           "shape":"DeletionProtectionEnabled",
           "documentation":"<p>If enabled, you can't delete your cluster. You must first disable this property before you can delete your cluster.</p>"
         },
+        "kmsEncryptionKey":{
+          "shape":"KmsEncryptionKey",
+          "documentation":"<p>The KMS key that encrypts and protects the data on your cluster. You can specify the ARN, ID, or alias of an existing key or have Amazon Web Services create a default key for you.</p>"
+        },
         "tags":{
           "shape":"TagMap",
           "documentation":"<p>A map of key and value pairs to use to tag your cluster.</p>"
@@ -340,6 +344,10 @@
           "shape":"MultiRegionProperties",
           "documentation":"<p>The multi-Region cluster configuration details that were set during cluster creation</p>"
         },
+        "encryptionDetails":{
+          "shape":"EncryptionDetails",
+          "documentation":"<p>The encryption configuration for the cluster that was specified during the creation process, including the KMS key identifier and encryption state.</p>"
+        },
         "deletionProtectionEnabled":{
           "shape":"DeletionProtectionEnabled",
           "documentation":"<p>Whether deletion protection is enabled on this cluster.</p>"
@@ -399,6 +407,44 @@
       "documentation":"<p>Indicates whether deletion protection is enabled for a cluster.</p>",
       "box":true
     },
+    "EncryptionDetails":{
+      "type":"structure",
+      "required":[
+        "encryptionType",
+        "encryptionStatus"
+      ],
+      "members":{
+        "encryptionType":{
+          "shape":"EncryptionType",
+          "documentation":"<p>The type of encryption that protects the data on your cluster.</p>"
+        },
+        "kmsKeyArn":{
+          "shape":"KmsKeyArn",
+          "documentation":"<p>The ARN of the KMS key that encrypts data in the cluster.</p>"
+        },
+        "encryptionStatus":{
+          "shape":"EncryptionStatus",
+          "documentation":"<p>The status of encryption for the cluster.</p>"
+        }
+      },
+      "documentation":"<p>Configuration details about encryption for the cluster including the KMS key ARN, encryption type, and encryption status.</p>"
+    },
+    "EncryptionStatus":{
+      "type":"string",
+      "enum":[
+        "ENABLED",
+        "UPDATING",
+        "KMS_KEY_INACCESSIBLE",
+        "ENABLING"
+      ]
+    },
+    "EncryptionType":{
+      "type":"string",
+      "enum":[
+        "AWS_OWNED_KMS_KEY",
+        "CUSTOMER_MANAGED_KMS_KEY"
+      ]
+    },
     "GetClusterInput":{
       "type":"structure",
       "required":["identifier"],
@@ -445,7 +491,11 @@
           "shape":"MultiRegionProperties",
           "documentation":"<p>Returns the current multi-Region cluster configuration, including witness region and linked cluster information.</p>"
         },
-        "tags":{"shape":"TagMap"}
+        "tags":{"shape":"TagMap"},
+        "encryptionDetails":{
+          "shape":"EncryptionDetails",
+          "documentation":"<p>The current encryption configuration details for the cluster.</p>"
+        }
       },
       "documentation":"<p>The output of a cluster.</p>"
     },
@@ -493,6 +543,13 @@
       "fault":true,
       "retryable":{"throttling":false}
     },
+    "KmsEncryptionKey":{
+      "type":"string",
+      "max":2048,
+      "min":1,
+      "pattern":"[a-zA-Z0-9:/_-]+"
+    },
+    "KmsKeyArn":{"type":"string"},
     "ListClustersInput":{
       "type":"structure",
       "members":{
@@ -761,6 +818,10 @@
           "shape":"DeletionProtectionEnabled",
           "documentation":"<p>Specifies whether to enable deletion protection in your cluster.</p>"
         },
+        "kmsEncryptionKey":{
+          "shape":"KmsEncryptionKey",
+          "documentation":"<p>The KMS key that encrypts and protects the data on your cluster. You can specify the ARN, ID, or alias of an existing key or have Amazon Web Services create a default key for you.</p>"
+        },
         "clientToken":{
           "shape":"ClientToken",
           "documentation":"<p>A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully. The subsequent retries with the same client token return the result from the original successful request and they have no additional effect.</p> <p>If you don't specify a client token, the Amazon Web Services SDK automatically generates one.</p>",
 
@@ -6,6 +6,12 @@
     <max>128</max>
     <pattern>[!-~]+</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.DSQL.Model.CreateClusterRequest.KmsEncryptionKey</property>
+    <min>1</min>
+    <max>2048</max>
+    <pattern>[a-zA-Z0-9:/_-]+</pattern>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.DSQL.Model.CreateClusterResponse.Arn</property>
     <pattern>arn:aws(-[^:]+)?:dsql:[a-z0-9-]{1,20}:[0-9]{12}:cluster/[a-z0-9]{26}</pattern>
@@ -87,6 +93,12 @@
     <property>Amazon.DSQL.Model.UpdateClusterRequest.Identifier</property>
     <pattern>[a-z0-9]{26}</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.DSQL.Model.UpdateClusterRequest.KmsEncryptionKey</property>
+    <min>1</min>
+    <max>2048</max>
+    <pattern>[a-zA-Z0-9:/_-]+</pattern>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.DSQL.Model.UpdateClusterResponse.Arn</property>
     <pattern>arn:aws(-[^:]+)?:dsql:[a-z0-9-]{1,20}:[0-9]{12}:cluster/[a-z0-9]{26}</pattern>
 
@@ -110,6 +110,7 @@ public partial class CreateClusterRequest : AmazonDSQLRequest
     {
         private string _clientToken;
         private bool? _deletionProtectionEnabled;
+        private string _kmsEncryptionKey;
         private MultiRegionProperties _multiRegionProperties;
         private Dictionary<string, string> _tags = AWSConfigs.InitializeCollections ? new Dictionary<string, string>() : null;
 
@@ -160,6 +161,27 @@ internal bool IsSetDeletionProtectionEnabled()
             return this._deletionProtectionEnabled.HasValue; 
         }
 
+        /// <summary>
+        /// Gets and sets the property KmsEncryptionKey. 
+        /// <para>
+        /// The KMS key that encrypts and protects the data on your cluster. You can specify the
+        /// ARN, ID, or alias of an existing key or have Amazon Web Services create a default
+        /// key for you.
+        /// </para>
+        /// </summary>
+        [AWSProperty(Min=1, Max=2048)]
+        public string KmsEncryptionKey
+        {
+            get { return this._kmsEncryptionKey; }
+            set { this._kmsEncryptionKey = value; }
+        }
+
+        // Check to see if KmsEncryptionKey property is set
+        internal bool IsSetKmsEncryptionKey()
+        {
+            return this._kmsEncryptionKey != null;
+        }
+
         /// <summary>
         /// Gets and sets the property MultiRegionProperties. 
         /// <para>
 
@@ -37,6 +37,7 @@ public partial class CreateClusterResponse : AmazonWebServiceResponse
         private string _arn;
         private DateTime? _creationTime;
         private bool? _deletionProtectionEnabled;
+        private EncryptionDetails _encryptionDetails;
         private string _identifier;
         private MultiRegionProperties _multiRegionProperties;
         private ClusterStatus _status;
@@ -98,6 +99,25 @@ internal bool IsSetDeletionProtectionEnabled()
             return this._deletionProtectionEnabled.HasValue; 
         }
 
+        /// <summary>
+        /// Gets and sets the property EncryptionDetails. 
+        /// <para>
+        /// The encryption configuration for the cluster that was specified during the creation
+        /// process, including the KMS key identifier and encryption state.
+        /// </para>
+        /// </summary>
+        public EncryptionDetails EncryptionDetails
+        {
+            get { return this._encryptionDetails; }
+            set { this._encryptionDetails = value; }
+        }
+
+        // Check to see if EncryptionDetails property is set
+        internal bool IsSetEncryptionDetails()
+        {
+            return this._encryptionDetails != null;
+        }
+
         /// <summary>
         /// Gets and sets the property Identifier. 
         /// <para>