All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.kms.model.PutKeyPolicyRequest Maven / Gradle / Ivy

Go to download

The AWS Java SDK for AWS KMS module holds the client classes that are used for communicating with AWS Key Management Service

There is a newer version: 1.12.778
Show newest version
/*
 * Copyright 2015-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.kms.model;

import java.io.Serializable;
import javax.annotation.Generated;

import com.amazonaws.AmazonWebServiceRequest;

/**
 * 
 * @see AWS API
 *      Documentation
 */
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class PutKeyPolicyRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {

    /**
     * 

* A unique identifier for the customer master key (CMK). *

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. *

*/ private String keyId; /** *

* The name of the key policy. The only valid value is default. *

*/ private String policyName; /** *

* The key policy to attach to the CMK. *

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the principal * that is making the PutKeyPolicy request to make a subsequent PutKeyPolicy request on * the CMK. This reduces the risk that the CMK becomes unmanageable. For more information, refer to the scenario in * the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy must exist * and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need * to enforce a delay before including the new principal in a key policy because the new principal might not be * immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management User * Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the * AWS Key Management Service Developer Guide. *

*/ private String policy; /** *

* A flag to indicate whether to bypass the key policy lockout safety check. *

* *

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to true * indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. *

*/ private Boolean bypassPolicyLockoutSafetyCheck; /** *

* A unique identifier for the customer master key (CMK). *

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. *

* * @param keyId * A unique identifier for the customer master key (CMK).

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. */ public void setKeyId(String keyId) { this.keyId = keyId; } /** *

* A unique identifier for the customer master key (CMK). *

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. *

* * @return A unique identifier for the customer master key (CMK).

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. */ public String getKeyId() { return this.keyId; } /** *

* A unique identifier for the customer master key (CMK). *

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. *

* * @param keyId * A unique identifier for the customer master key (CMK).

*

* Specify the key ID or the Amazon Resource Name (ARN) of the CMK. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
*

* To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. * @return Returns a reference to this object so that method calls can be chained together. */ public PutKeyPolicyRequest withKeyId(String keyId) { setKeyId(keyId); return this; } /** *

* The name of the key policy. The only valid value is default. *

* * @param policyName * The name of the key policy. The only valid value is default. */ public void setPolicyName(String policyName) { this.policyName = policyName; } /** *

* The name of the key policy. The only valid value is default. *

* * @return The name of the key policy. The only valid value is default. */ public String getPolicyName() { return this.policyName; } /** *

* The name of the key policy. The only valid value is default. *

* * @param policyName * The name of the key policy. The only valid value is default. * @return Returns a reference to this object so that method calls can be chained together. */ public PutKeyPolicyRequest withPolicyName(String policyName) { setPolicyName(policyName); return this; } /** *

* The key policy to attach to the CMK. *

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the principal * that is making the PutKeyPolicy request to make a subsequent PutKeyPolicy request on * the CMK. This reduces the risk that the CMK becomes unmanageable. For more information, refer to the scenario in * the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy must exist * and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need * to enforce a delay before including the new principal in a key policy because the new principal might not be * immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management User * Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the * AWS Key Management Service Developer Guide. *

* * @param policy * The key policy to attach to the CMK.

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the * principal that is making the PutKeyPolicy request to make a subsequent * PutKeyPolicy request on the CMK. This reduces the risk that the CMK becomes unmanageable. For * more information, refer to the scenario in the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy * must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or * role), you might need to enforce a delay before including the new principal in a key policy because the * new principal might not be immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management * User Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in * the AWS Key Management Service Developer Guide. */ public void setPolicy(String policy) { this.policy = policy; } /** *

* The key policy to attach to the CMK. *

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the principal * that is making the PutKeyPolicy request to make a subsequent PutKeyPolicy request on * the CMK. This reduces the risk that the CMK becomes unmanageable. For more information, refer to the scenario in * the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy must exist * and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need * to enforce a delay before including the new principal in a key policy because the new principal might not be * immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management User * Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the * AWS Key Management Service Developer Guide. *

* * @return The key policy to attach to the CMK.

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the * principal that is making the PutKeyPolicy request to make a subsequent * PutKeyPolicy request on the CMK. This reduces the risk that the CMK becomes unmanageable. * For more information, refer to the scenario in the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy * must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or * role), you might need to enforce a delay before including the new principal in a key policy because the * new principal might not be immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management * User Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in * the AWS Key Management Service Developer Guide. */ public String getPolicy() { return this.policy; } /** *

* The key policy to attach to the CMK. *

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the principal * that is making the PutKeyPolicy request to make a subsequent PutKeyPolicy request on * the CMK. This reduces the risk that the CMK becomes unmanageable. For more information, refer to the scenario in * the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy must exist * and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need * to enforce a delay before including the new principal in a key policy because the new principal might not be * immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management User * Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the * AWS Key Management Service Developer Guide. *

* * @param policy * The key policy to attach to the CMK.

*

* The key policy must meet the following criteria: *

*
    *
  • *

    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy must allow the * principal that is making the PutKeyPolicy request to make a subsequent * PutKeyPolicy request on the CMK. This reduces the risk that the CMK becomes unmanageable. For * more information, refer to the scenario in the Default Key Policy section of the AWS Key Management Service Developer Guide. *

    *
  • *
  • *

    * Each statement in the key policy must contain one or more principals. The principals in the key policy * must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or * role), you might need to enforce a delay before including the new principal in a key policy because the * new principal might not be immediately visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the AWS Identity and Access Management * User Guide. *

    *
  • *
*

* The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in * the AWS Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public PutKeyPolicyRequest withPolicy(String policy) { setPolicy(policy); return this; } /** *

* A flag to indicate whether to bypass the key policy lockout safety check. *

* *

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to true * indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. *

* * @param bypassPolicyLockoutSafetyCheck * A flag to indicate whether to bypass the key policy lockout safety check.

*

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to * true indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. */ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) { this.bypassPolicyLockoutSafetyCheck = bypassPolicyLockoutSafetyCheck; } /** *

* A flag to indicate whether to bypass the key policy lockout safety check. *

* *

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to true * indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. *

* * @return A flag to indicate whether to bypass the key policy lockout safety check.

*

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to * true indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. */ public Boolean getBypassPolicyLockoutSafetyCheck() { return this.bypassPolicyLockoutSafetyCheck; } /** *

* A flag to indicate whether to bypass the key policy lockout safety check. *

* *

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to true * indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. *

* * @param bypassPolicyLockoutSafetyCheck * A flag to indicate whether to bypass the key policy lockout safety check.

*

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to * true indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. * @return Returns a reference to this object so that method calls can be chained together. */ public PutKeyPolicyRequest withBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) { setBypassPolicyLockoutSafetyCheck(bypassPolicyLockoutSafetyCheck); return this; } /** *

* A flag to indicate whether to bypass the key policy lockout safety check. *

* *

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to true * indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. *

* * @return A flag to indicate whether to bypass the key policy lockout safety check.

*

* Setting this value to true increases the risk that the CMK becomes unmanageable. Do not set this value to * true indiscriminately. *

*

* For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. *

*
*

* Use this parameter only when you intend to prevent the principal that is making the request from making a * subsequent PutKeyPolicy request on the CMK. *

*

* The default value is false. */ public Boolean isBypassPolicyLockoutSafetyCheck() { return this.bypassPolicyLockoutSafetyCheck; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKeyId() != null) sb.append("KeyId: ").append(getKeyId()).append(","); if (getPolicyName() != null) sb.append("PolicyName: ").append(getPolicyName()).append(","); if (getPolicy() != null) sb.append("Policy: ").append(getPolicy()).append(","); if (getBypassPolicyLockoutSafetyCheck() != null) sb.append("BypassPolicyLockoutSafetyCheck: ").append(getBypassPolicyLockoutSafetyCheck()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof PutKeyPolicyRequest == false) return false; PutKeyPolicyRequest other = (PutKeyPolicyRequest) obj; if (other.getKeyId() == null ^ this.getKeyId() == null) return false; if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) return false; if (other.getPolicyName() == null ^ this.getPolicyName() == null) return false; if (other.getPolicyName() != null && other.getPolicyName().equals(this.getPolicyName()) == false) return false; if (other.getPolicy() == null ^ this.getPolicy() == null) return false; if (other.getPolicy() != null && other.getPolicy().equals(this.getPolicy()) == false) return false; if (other.getBypassPolicyLockoutSafetyCheck() == null ^ this.getBypassPolicyLockoutSafetyCheck() == null) return false; if (other.getBypassPolicyLockoutSafetyCheck() != null && other.getBypassPolicyLockoutSafetyCheck().equals(this.getBypassPolicyLockoutSafetyCheck()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); hashCode = prime * hashCode + ((getPolicyName() == null) ? 0 : getPolicyName().hashCode()); hashCode = prime * hashCode + ((getPolicy() == null) ? 0 : getPolicy().hashCode()); hashCode = prime * hashCode + ((getBypassPolicyLockoutSafetyCheck() == null) ? 0 : getBypassPolicyLockoutSafetyCheck().hashCode()); return hashCode; } @Override public PutKeyPolicyRequest clone() { return (PutKeyPolicyRequest) super.clone(); } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy