All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.kms.model.CreateCustomKeyStoreRequest Maven / Gradle / Ivy

Go to download

The AWS Java SDK for AWS KMS module holds the client classes that are used for communicating with AWS Key Management Service

There is a newer version: 1.12.778
Show newest version
/*
 * Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.kms.model;

import java.io.Serializable;
import javax.annotation.Generated;

import com.amazonaws.AmazonWebServiceRequest;

/**
 * 
 * @see AWS API
 *      Documentation
 */
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class CreateCustomKeyStoreRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {

    /**
     * 

* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account * and Region. This parameter is required for all custom key stores. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
*/ private String customKeyStoreName; /** *

* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *

*/ private String cloudHsmClusterId; /** *

* Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with a * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the cluster. *

*/ private String trustAnchorCertificate; /** *

* Specifies the kmsuser password for an CloudHSM key store. This parameter is required for custom key * stores with a CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as * this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in the * CloudHSM cluster. *

*/ private String keyStorePassword; /** *

* Specifies the type of custom key store. The default value is AWS_CLOUDHSM. *

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter AWS_CLOUDHSM. For * a custom key store backed by an external key manager outside of Amazon Web Services, enter * EXTERNAL_KEY_STORE. You cannot change this property after the key store is created. *

*/ private String customKeyStoreType; /** *

* Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter * is required for custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

*

* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

*

* For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE, * specify https:// followed by the private DNS name of the VPC endpoint service. *

*

* For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable before * you create the custom key store. KMS connects to the external key store proxy while creating the custom key * store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS connects when you call * the ConnectCustomKeyStore operation. *

*

* The value of this parameter must begin with https://. The remainder can contain upper and lower case * letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). Additional slashes ( * / and \) are not permitted. *

*

* Uniqueness requirements: *

*
    *
  • *

    * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

    *
  • *
  • *

    * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

    *
  • *
  • *

    * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS name. * The XksProxyUriEndpoint value for external key stores with VPC_ENDPOINT_SERVICE * connectivity (private DNS name) must be unique in the Amazon Web Services account and Region. *

    *
  • *
*/ private String xksProxyUriEndpoint; /** *

* Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation * for your external key store proxy. This parameter is required for all custom key stores with a * CustomKeyStoreType of EXTERNAL_KEY_STORE. *

*

* The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix between * the required elements such as /prefix/kms/xks/v1. *

*

* Uniqueness requirements: *

*
    *
  • *

    * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

    *
  • *
*/ private String xksProxyUriPath; /** *

* Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with * your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE. *

*

* The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *

*

* Uniqueness requirements: *

*
    *
  • *

    * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

    *
  • *
*/ private String xksProxyVpcEndpointServiceName; /** *

* Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required * for all custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

*

* The XksProxyAuthenticationCredential has two required elements: RawSecretAccessKey, a * secret key, and AccessKeyId, a unique identifier for the RawSecretAccessKey. For * character requirements, see * XksProxyAuthenticationCredentialType. *

*

* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

*

* This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *

*/ private XksProxyAuthenticationCredentialType xksProxyAuthenticationCredential; /** *

* Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key * stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

*

* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the external key * store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

*

* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *

*/ private String xksProxyConnectivity; /** *

* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account * and Region. This parameter is required for all custom key stores. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
* * @param customKeyStoreName * Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services * account and Region. This parameter is required for all custom key stores.

*

* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *

*/ public void setCustomKeyStoreName(String customKeyStoreName) { this.customKeyStoreName = customKeyStoreName; } /** *

* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account * and Region. This parameter is required for all custom key stores. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
* * @return Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services * account and Region. This parameter is required for all custom key stores.

*

* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *

*/ public String getCustomKeyStoreName() { return this.customKeyStoreName; } /** *

* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account * and Region. This parameter is required for all custom key stores. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
* * @param customKeyStoreName * Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services * account and Region. This parameter is required for all custom key stores.

*

* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *

* @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withCustomKeyStoreName(String customKeyStoreName) { setCustomKeyStoreName(customKeyStoreName); return this; } /** *

* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *

* * @param cloudHsmClusterId * Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key * stores with CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key * store. To find the cluster ID, use the DescribeClusters operation. */ public void setCloudHsmClusterId(String cloudHsmClusterId) { this.cloudHsmClusterId = cloudHsmClusterId; } /** *

* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *

* * @return Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key * stores with CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key * store. To find the cluster ID, use the DescribeClusters operation. */ public String getCloudHsmClusterId() { return this.cloudHsmClusterId; } /** *

* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *

* * @param cloudHsmClusterId * Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key * stores with CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key * store. To find the cluster ID, use the DescribeClusters operation. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withCloudHsmClusterId(String cloudHsmClusterId) { setCloudHsmClusterId(cloudHsmClusterId); return this; } /** *

* Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with a * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the cluster. *

* * @param trustAnchorCertificate * Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with * a CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the * cluster. */ public void setTrustAnchorCertificate(String trustAnchorCertificate) { this.trustAnchorCertificate = trustAnchorCertificate; } /** *

* Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with a * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the cluster. *

* * @return Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores * with a CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the * cluster. */ public String getTrustAnchorCertificate() { return this.trustAnchorCertificate; } /** *

* Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with a * CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the cluster. *

* * @param trustAnchorCertificate * Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with * a CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the * customerCA.crt file that you created when you initialized the * cluster. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withTrustAnchorCertificate(String trustAnchorCertificate) { setTrustAnchorCertificate(trustAnchorCertificate); return this; } /** *

* Specifies the kmsuser password for an CloudHSM key store. This parameter is required for custom key * stores with a CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as * this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in the * CloudHSM cluster. *

* * @param keyStorePassword * Specifies the kmsuser password for an CloudHSM key store. This parameter is required for * custom key stores with a CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the * cluster as this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in the * CloudHSM cluster. */ public void setKeyStorePassword(String keyStorePassword) { this.keyStorePassword = keyStorePassword; } /** *

* Specifies the kmsuser password for an CloudHSM key store. This parameter is required for custom key * stores with a CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as * this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in the * CloudHSM cluster. *

* * @return Specifies the kmsuser password for an CloudHSM key store. This parameter is required for * custom key stores with a CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the * cluster as this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in * the CloudHSM cluster. */ public String getKeyStorePassword() { return this.keyStorePassword; } /** *

* Specifies the kmsuser password for an CloudHSM key store. This parameter is required for custom key * stores with a CustomKeyStoreType of AWS_CLOUDHSM. *

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as * this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in the * CloudHSM cluster. *

* * @param keyStorePassword * Specifies the kmsuser password for an CloudHSM key store. This parameter is required for * custom key stores with a CustomKeyStoreType of AWS_CLOUDHSM.

*

* Enter the password of the * kmsuser crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the * cluster as this user to manage key material on your behalf. *

*

* The password must be a string of 7 to 32 characters. Its value is case sensitive. *

*

* This parameter tells KMS the kmsuser account password; it does not change the password in the * CloudHSM cluster. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withKeyStorePassword(String keyStorePassword) { setKeyStorePassword(keyStorePassword); return this; } /** *

* Specifies the type of custom key store. The default value is AWS_CLOUDHSM. *

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter AWS_CLOUDHSM. For * a custom key store backed by an external key manager outside of Amazon Web Services, enter * EXTERNAL_KEY_STORE. You cannot change this property after the key store is created. *

* * @param customKeyStoreType * Specifies the type of custom key store. The default value is AWS_CLOUDHSM.

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter * AWS_CLOUDHSM. For a custom key store backed by an external key manager outside of Amazon Web * Services, enter EXTERNAL_KEY_STORE. You cannot change this property after the key store is * created. * @see CustomKeyStoreType */ public void setCustomKeyStoreType(String customKeyStoreType) { this.customKeyStoreType = customKeyStoreType; } /** *

* Specifies the type of custom key store. The default value is AWS_CLOUDHSM. *

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter AWS_CLOUDHSM. For * a custom key store backed by an external key manager outside of Amazon Web Services, enter * EXTERNAL_KEY_STORE. You cannot change this property after the key store is created. *

* * @return Specifies the type of custom key store. The default value is AWS_CLOUDHSM.

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter * AWS_CLOUDHSM. For a custom key store backed by an external key manager outside of Amazon Web * Services, enter EXTERNAL_KEY_STORE. You cannot change this property after the key store is * created. * @see CustomKeyStoreType */ public String getCustomKeyStoreType() { return this.customKeyStoreType; } /** *

* Specifies the type of custom key store. The default value is AWS_CLOUDHSM. *

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter AWS_CLOUDHSM. For * a custom key store backed by an external key manager outside of Amazon Web Services, enter * EXTERNAL_KEY_STORE. You cannot change this property after the key store is created. *

* * @param customKeyStoreType * Specifies the type of custom key store. The default value is AWS_CLOUDHSM.

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter * AWS_CLOUDHSM. For a custom key store backed by an external key manager outside of Amazon Web * Services, enter EXTERNAL_KEY_STORE. You cannot change this property after the key store is * created. * @return Returns a reference to this object so that method calls can be chained together. * @see CustomKeyStoreType */ public CreateCustomKeyStoreRequest withCustomKeyStoreType(String customKeyStoreType) { setCustomKeyStoreType(customKeyStoreType); return this; } /** *

* Specifies the type of custom key store. The default value is AWS_CLOUDHSM. *

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter AWS_CLOUDHSM. For * a custom key store backed by an external key manager outside of Amazon Web Services, enter * EXTERNAL_KEY_STORE. You cannot change this property after the key store is created. *

* * @param customKeyStoreType * Specifies the type of custom key store. The default value is AWS_CLOUDHSM.

*

* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter * AWS_CLOUDHSM. For a custom key store backed by an external key manager outside of Amazon Web * Services, enter EXTERNAL_KEY_STORE. You cannot change this property after the key store is * created. * @return Returns a reference to this object so that method calls can be chained together. * @see CustomKeyStoreType */ public CreateCustomKeyStoreRequest withCustomKeyStoreType(CustomKeyStoreType customKeyStoreType) { this.customKeyStoreType = customKeyStoreType.toString(); return this; } /** *

* Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter * is required for custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

*

* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

*

* For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE, * specify https:// followed by the private DNS name of the VPC endpoint service. *

*

* For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable before * you create the custom key store. KMS connects to the external key store proxy while creating the custom key * store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS connects when you call * the ConnectCustomKeyStore operation. *

*

* The value of this parameter must begin with https://. The remainder can contain upper and lower case * letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). Additional slashes ( * / and \) are not permitted. *

*

* Uniqueness requirements: *

*
    *
  • *

    * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

    *
  • *
  • *

    * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

    *
  • *
  • *

    * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS name. * The XksProxyUriEndpoint value for external key stores with VPC_ENDPOINT_SERVICE * connectivity (private DNS name) must be unique in the Amazon Web Services account and Region. *

    *
  • *
* * @param xksProxyUriEndpoint * Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This * parameter is required for custom key stores with a CustomKeyStoreType of * EXTERNAL_KEY_STORE.

*

* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

*

* For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE, * specify https:// followed by the private DNS name of the VPC endpoint service. *

*

* For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable * before you create the custom key store. KMS connects to the external key store proxy while creating the * custom key store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS * connects when you call the ConnectCustomKeyStore operation. *

*

* The value of this parameter must begin with https://. The remainder can contain upper and * lower case letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). * Additional slashes (/ and \) are not permitted. *

*

* Uniqueness requirements: *

*
    *
  • *

    * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in * the Amazon Web Services account and Region. *

    *
  • *
  • *

    * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

    *
  • *
  • *

    * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS * name. The XksProxyUriEndpoint value for external key stores with * VPC_ENDPOINT_SERVICE connectivity (private DNS name) must be unique in the Amazon Web * Services account and Region. *

    *
  • */ public void setXksProxyUriEndpoint(String xksProxyUriEndpoint) { this.xksProxyUriEndpoint = xksProxyUriEndpoint; } /** *

    * Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter * is required for custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

    *

    * The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

    *

    * For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE, * specify https:// followed by the private DNS name of the VPC endpoint service. *

    *

    * For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable before * you create the custom key store. KMS connects to the external key store proxy while creating the custom key * store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS connects when you call * the ConnectCustomKeyStore operation. *

    *

    * The value of this parameter must begin with https://. The remainder can contain upper and lower case * letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). Additional slashes ( * / and \) are not permitted. *

    *

    * Uniqueness requirements: *

    *
      *
    • *

      * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

      *
    • *
    • *

      * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

      *
    • *
    • *

      * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS name. * The XksProxyUriEndpoint value for external key stores with VPC_ENDPOINT_SERVICE * connectivity (private DNS name) must be unique in the Amazon Web Services account and Region. *

      *
    • *
    * * @return Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This * parameter is required for custom key stores with a CustomKeyStoreType of * EXTERNAL_KEY_STORE.

    *

    * The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

    *

    * For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE * , specify https:// followed by the private DNS name of the VPC endpoint service. *

    *

    * For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable * before you create the custom key store. KMS connects to the external key store proxy while creating the * custom key store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS * connects when you call the ConnectCustomKeyStore operation. *

    *

    * The value of this parameter must begin with https://. The remainder can contain upper and * lower case letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). * Additional slashes (/ and \) are not permitted. *

    *

    * Uniqueness requirements: *

    *
      *
    • *

      * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in * the Amazon Web Services account and Region. *

      *
    • *
    • *

      * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

      *
    • *
    • *

      * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS * name. The XksProxyUriEndpoint value for external key stores with * VPC_ENDPOINT_SERVICE connectivity (private DNS name) must be unique in the Amazon Web * Services account and Region. *

      *
    • */ public String getXksProxyUriEndpoint() { return this.xksProxyUriEndpoint; } /** *

      * Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter * is required for custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

      *

      * The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

      *

      * For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE, * specify https:// followed by the private DNS name of the VPC endpoint service. *

      *

      * For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable before * you create the custom key store. KMS connects to the external key store proxy while creating the custom key * store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS connects when you call * the ConnectCustomKeyStore operation. *

      *

      * The value of this parameter must begin with https://. The remainder can contain upper and lower case * letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). Additional slashes ( * / and \) are not permitted. *

      *

      * Uniqueness requirements: *

      *
        *
      • *

        * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

        *
      • *
      • *

        * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

        *
      • *
      • *

        * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS name. * The XksProxyUriEndpoint value for external key stores with VPC_ENDPOINT_SERVICE * connectivity (private DNS name) must be unique in the Amazon Web Services account and Region. *

        *
      • *
      * * @param xksProxyUriEndpoint * Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This * parameter is required for custom key stores with a CustomKeyStoreType of * EXTERNAL_KEY_STORE.

      *

      * The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the * XksProxyUriEndpoint value. *

      *

      * For external key stores with XksProxyConnectivity value of VPC_ENDPOINT_SERVICE, * specify https:// followed by the private DNS name of the VPC endpoint service. *

      *

      * For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must be reachable * before you create the custom key store. KMS connects to the external key store proxy while creating the * custom key store. For external key stores with VPC_ENDPOINT_SERVICE connectivity, KMS * connects when you call the ConnectCustomKeyStore operation. *

      *

      * The value of this parameter must begin with https://. The remainder can contain upper and * lower case letters (A-Z and a-z), numbers (0-9), dots (.), and hyphens (-). * Additional slashes (/ and \) are not permitted. *

      *

      * Uniqueness requirements: *

      *
        *
      • *

        * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in * the Amazon Web Services account and Region. *

        *
      • *
      • *

        * An external key store with PUBLIC_ENDPOINT connectivity cannot use the same * XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE * connectivity in this Amazon Web Services Region. *

        *
      • *
      • *

        * Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its own private DNS * name. The XksProxyUriEndpoint value for external key stores with * VPC_ENDPOINT_SERVICE connectivity (private DNS name) must be unique in the Amazon Web * Services account and Region. *

        *
      • * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withXksProxyUriEndpoint(String xksProxyUriEndpoint) { setXksProxyUriEndpoint(xksProxyUriEndpoint); return this; } /** *

        * Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation * for your external key store proxy. This parameter is required for all custom key stores with a * CustomKeyStoreType of EXTERNAL_KEY_STORE. *

        *

        * The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix between * the required elements such as /prefix/kms/xks/v1. *

        *

        * Uniqueness requirements: *

        *
          *
        • *

          * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

          *
        • *
        * * @param xksProxyUriPath * Specifies the base path to the proxy APIs for this external key store. To find this value, see the * documentation for your external key store proxy. This parameter is required for all custom key stores with * a CustomKeyStoreType of EXTERNAL_KEY_STORE.

        *

        * The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix * between the required elements such as /prefix/kms/xks/v1. *

        *

        * Uniqueness requirements: *

        *
          *
        • *

          * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in * the Amazon Web Services account and Region. *

          *
        • */ public void setXksProxyUriPath(String xksProxyUriPath) { this.xksProxyUriPath = xksProxyUriPath; } /** *

          * Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation * for your external key store proxy. This parameter is required for all custom key stores with a * CustomKeyStoreType of EXTERNAL_KEY_STORE. *

          *

          * The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix between * the required elements such as /prefix/kms/xks/v1. *

          *

          * Uniqueness requirements: *

          *
            *
          • *

            * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

            *
          • *
          * * @return Specifies the base path to the proxy APIs for this external key store. To find this value, see the * documentation for your external key store proxy. This parameter is required for all custom key stores * with a CustomKeyStoreType of EXTERNAL_KEY_STORE.

          *

          * The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix * between the required elements such as /prefix/kms/xks/v1. *

          *

          * Uniqueness requirements: *

          *
            *
          • *

            * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in * the Amazon Web Services account and Region. *

            *
          • */ public String getXksProxyUriPath() { return this.xksProxyUriPath; } /** *

            * Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation * for your external key store proxy. This parameter is required for all custom key stores with a * CustomKeyStoreType of EXTERNAL_KEY_STORE. *

            *

            * The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix between * the required elements such as /prefix/kms/xks/v1. *

            *

            * Uniqueness requirements: *

            *
              *
            • *

              * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in the * Amazon Web Services account and Region. *

              *
            • *
            * * @param xksProxyUriPath * Specifies the base path to the proxy APIs for this external key store. To find this value, see the * documentation for your external key store proxy. This parameter is required for all custom key stores with * a CustomKeyStoreType of EXTERNAL_KEY_STORE.

            *

            * The value must start with / and must end with /kms/xks/v1 where v1 * represents the version of the KMS external key store proxy API. This path can include an optional prefix * between the required elements such as /prefix/kms/xks/v1. *

            *

            * Uniqueness requirements: *

            *
              *
            • *

              * The combined XksProxyUriEndpoint and XksProxyUriPath values must be unique in * the Amazon Web Services account and Region. *

              *
            • * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withXksProxyUriPath(String xksProxyUriPath) { setXksProxyUriPath(xksProxyUriPath); return this; } /** *

              * Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with * your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE. *

              *

              * The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *

              *

              * Uniqueness requirements: *

              *
                *
              • *

                * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

                *
              • *
              * * @param xksProxyVpcEndpointServiceName * Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate * with your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE.

              *

              * The Amazon VPC endpoint service must fulfill all requirements for use with an external key store. *

              *

              * Uniqueness requirements: *

              *
                *
              • *

                * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

                *
              • */ public void setXksProxyVpcEndpointServiceName(String xksProxyVpcEndpointServiceName) { this.xksProxyVpcEndpointServiceName = xksProxyVpcEndpointServiceName; } /** *

                * Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with * your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE. *

                *

                * The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *

                *

                * Uniqueness requirements: *

                *
                  *
                • *

                  * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

                  *
                • *
                * * @return Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate * with your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE.

                *

                * The Amazon VPC endpoint service must fulfill all requirements for use with an external key store. *

                *

                * Uniqueness requirements: *

                *
                  *
                • *

                  * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

                  *
                • */ public String getXksProxyVpcEndpointServiceName() { return this.xksProxyVpcEndpointServiceName; } /** *

                  * Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with * your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE. *

                  *

                  * The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *

                  *

                  * Uniqueness requirements: *

                  *
                    *
                  • *

                    * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

                    *
                  • *
                  * * @param xksProxyVpcEndpointServiceName * Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate * with your external key store proxy (XKS proxy). This parameter is required when the value of * CustomKeyStoreType is EXTERNAL_KEY_STORE and the value of * XksProxyConnectivity is VPC_ENDPOINT_SERVICE.

                  *

                  * The Amazon VPC endpoint service must fulfill all requirements for use with an external key store. *

                  *

                  * Uniqueness requirements: *

                  *
                    *
                  • *

                    * External key stores with VPC_ENDPOINT_SERVICE connectivity can share an Amazon VPC, but each * external key store must have its own VPC endpoint service and private DNS name. *

                    *
                  • * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withXksProxyVpcEndpointServiceName(String xksProxyVpcEndpointServiceName) { setXksProxyVpcEndpointServiceName(xksProxyVpcEndpointServiceName); return this; } /** *

                    * Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required * for all custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * The XksProxyAuthenticationCredential has two required elements: RawSecretAccessKey, a * secret key, and AccessKeyId, a unique identifier for the RawSecretAccessKey. For * character requirements, see * XksProxyAuthenticationCredentialType. *

                    *

                    * KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

                    *

                    * This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *

                    * * @param xksProxyAuthenticationCredential * Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is * required for all custom key stores with a CustomKeyStoreType of * EXTERNAL_KEY_STORE.

                    *

                    * The XksProxyAuthenticationCredential has two required elements: * RawSecretAccessKey, a secret key, and AccessKeyId, a unique identifier for the * RawSecretAccessKey. For character requirements, see XksProxyAuthenticationCredentialType. *

                    *

                    * KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. * This credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

                    *

                    * This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS * the credential that you established on your external key store proxy. If you rotate your proxy * authentication credential, use the UpdateCustomKeyStore operation to provide the new credential to * KMS. */ public void setXksProxyAuthenticationCredential(XksProxyAuthenticationCredentialType xksProxyAuthenticationCredential) { this.xksProxyAuthenticationCredential = xksProxyAuthenticationCredential; } /** *

                    * Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required * for all custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * The XksProxyAuthenticationCredential has two required elements: RawSecretAccessKey, a * secret key, and AccessKeyId, a unique identifier for the RawSecretAccessKey. For * character requirements, see * XksProxyAuthenticationCredentialType. *

                    *

                    * KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

                    *

                    * This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *

                    * * @return Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is * required for all custom key stores with a CustomKeyStoreType of * EXTERNAL_KEY_STORE.

                    *

                    * The XksProxyAuthenticationCredential has two required elements: * RawSecretAccessKey, a secret key, and AccessKeyId, a unique identifier for the * RawSecretAccessKey. For character requirements, see XksProxyAuthenticationCredentialType. *

                    *

                    * KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. * This credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

                    *

                    * This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS * the credential that you established on your external key store proxy. If you rotate your proxy * authentication credential, use the UpdateCustomKeyStore operation to provide the new credential to * KMS. */ public XksProxyAuthenticationCredentialType getXksProxyAuthenticationCredential() { return this.xksProxyAuthenticationCredential; } /** *

                    * Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required * for all custom key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * The XksProxyAuthenticationCredential has two required elements: RawSecretAccessKey, a * secret key, and AccessKeyId, a unique identifier for the RawSecretAccessKey. For * character requirements, see * XksProxyAuthenticationCredentialType. *

                    *

                    * KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

                    *

                    * This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *

                    * * @param xksProxyAuthenticationCredential * Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is * required for all custom key stores with a CustomKeyStoreType of * EXTERNAL_KEY_STORE.

                    *

                    * The XksProxyAuthenticationCredential has two required elements: * RawSecretAccessKey, a secret key, and AccessKeyId, a unique identifier for the * RawSecretAccessKey. For character requirements, see XksProxyAuthenticationCredentialType. *

                    *

                    * KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. * This credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *

                    *

                    * This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS * the credential that you established on your external key store proxy. If you rotate your proxy * authentication credential, use the UpdateCustomKeyStore operation to provide the new credential to * KMS. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateCustomKeyStoreRequest withXksProxyAuthenticationCredential(XksProxyAuthenticationCredentialType xksProxyAuthenticationCredential) { setXksProxyAuthenticationCredential(xksProxyAuthenticationCredential); return this; } /** *

                    * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key * stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the external key * store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *

                    * * @param xksProxyConnectivity * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom * key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE.

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the * external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely * within Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with * multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A * public endpoint is simpler to set up, but it might be slower and might not fulfill your security * requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint * service for production tasks. Note that this choice does not determine the location of the external key * store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside * of Amazon Web Services such as in your corporate data center. * @see XksProxyConnectivityType */ public void setXksProxyConnectivity(String xksProxyConnectivity) { this.xksProxyConnectivity = xksProxyConnectivity; } /** *

                    * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key * stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the external key * store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *

                    * * @return Indicates how KMS communicates with the external key store proxy. This parameter is required for custom * key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE.

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the * external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely * within Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with * multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A * public endpoint is simpler to set up, but it might be slower and might not fulfill your security * requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint * service for production tasks. Note that this choice does not determine the location of the external key * store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside * of Amazon Web Services such as in your corporate data center. * @see XksProxyConnectivityType */ public String getXksProxyConnectivity() { return this.xksProxyConnectivity; } /** *

                    * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key * stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the external key * store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *

                    * * @param xksProxyConnectivity * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom * key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE.

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the * external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely * within Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with * multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A * public endpoint is simpler to set up, but it might be slower and might not fulfill your security * requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint * service for production tasks. Note that this choice does not determine the location of the external key * store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside * of Amazon Web Services such as in your corporate data center. * @return Returns a reference to this object so that method calls can be chained together. * @see XksProxyConnectivityType */ public CreateCustomKeyStoreRequest withXksProxyConnectivity(String xksProxyConnectivity) { setXksProxyConnectivity(xksProxyConnectivity); return this; } /** *

                    * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key * stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE. *

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the external key * store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *

                    * * @param xksProxyConnectivity * Indicates how KMS communicates with the external key store proxy. This parameter is required for custom * key stores with a CustomKeyStoreType of EXTERNAL_KEY_STORE.

                    *

                    * If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT. If the * external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify * VPC_ENDPOINT_SERVICE. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide. *

                    *

                    * An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely * within Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with * multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A * public endpoint is simpler to set up, but it might be slower and might not fulfill your security * requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint * service for production tasks. Note that this choice does not determine the location of the external key * store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside * of Amazon Web Services such as in your corporate data center. * @return Returns a reference to this object so that method calls can be chained together. * @see XksProxyConnectivityType */ public CreateCustomKeyStoreRequest withXksProxyConnectivity(XksProxyConnectivityType xksProxyConnectivity) { this.xksProxyConnectivity = xksProxyConnectivity.toString(); return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getCustomKeyStoreName() != null) sb.append("CustomKeyStoreName: ").append(getCustomKeyStoreName()).append(","); if (getCloudHsmClusterId() != null) sb.append("CloudHsmClusterId: ").append(getCloudHsmClusterId()).append(","); if (getTrustAnchorCertificate() != null) sb.append("TrustAnchorCertificate: ").append(getTrustAnchorCertificate()).append(","); if (getKeyStorePassword() != null) sb.append("KeyStorePassword: ").append("***Sensitive Data Redacted***").append(","); if (getCustomKeyStoreType() != null) sb.append("CustomKeyStoreType: ").append(getCustomKeyStoreType()).append(","); if (getXksProxyUriEndpoint() != null) sb.append("XksProxyUriEndpoint: ").append(getXksProxyUriEndpoint()).append(","); if (getXksProxyUriPath() != null) sb.append("XksProxyUriPath: ").append(getXksProxyUriPath()).append(","); if (getXksProxyVpcEndpointServiceName() != null) sb.append("XksProxyVpcEndpointServiceName: ").append(getXksProxyVpcEndpointServiceName()).append(","); if (getXksProxyAuthenticationCredential() != null) sb.append("XksProxyAuthenticationCredential: ").append(getXksProxyAuthenticationCredential()).append(","); if (getXksProxyConnectivity() != null) sb.append("XksProxyConnectivity: ").append(getXksProxyConnectivity()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof CreateCustomKeyStoreRequest == false) return false; CreateCustomKeyStoreRequest other = (CreateCustomKeyStoreRequest) obj; if (other.getCustomKeyStoreName() == null ^ this.getCustomKeyStoreName() == null) return false; if (other.getCustomKeyStoreName() != null && other.getCustomKeyStoreName().equals(this.getCustomKeyStoreName()) == false) return false; if (other.getCloudHsmClusterId() == null ^ this.getCloudHsmClusterId() == null) return false; if (other.getCloudHsmClusterId() != null && other.getCloudHsmClusterId().equals(this.getCloudHsmClusterId()) == false) return false; if (other.getTrustAnchorCertificate() == null ^ this.getTrustAnchorCertificate() == null) return false; if (other.getTrustAnchorCertificate() != null && other.getTrustAnchorCertificate().equals(this.getTrustAnchorCertificate()) == false) return false; if (other.getKeyStorePassword() == null ^ this.getKeyStorePassword() == null) return false; if (other.getKeyStorePassword() != null && other.getKeyStorePassword().equals(this.getKeyStorePassword()) == false) return false; if (other.getCustomKeyStoreType() == null ^ this.getCustomKeyStoreType() == null) return false; if (other.getCustomKeyStoreType() != null && other.getCustomKeyStoreType().equals(this.getCustomKeyStoreType()) == false) return false; if (other.getXksProxyUriEndpoint() == null ^ this.getXksProxyUriEndpoint() == null) return false; if (other.getXksProxyUriEndpoint() != null && other.getXksProxyUriEndpoint().equals(this.getXksProxyUriEndpoint()) == false) return false; if (other.getXksProxyUriPath() == null ^ this.getXksProxyUriPath() == null) return false; if (other.getXksProxyUriPath() != null && other.getXksProxyUriPath().equals(this.getXksProxyUriPath()) == false) return false; if (other.getXksProxyVpcEndpointServiceName() == null ^ this.getXksProxyVpcEndpointServiceName() == null) return false; if (other.getXksProxyVpcEndpointServiceName() != null && other.getXksProxyVpcEndpointServiceName().equals(this.getXksProxyVpcEndpointServiceName()) == false) return false; if (other.getXksProxyAuthenticationCredential() == null ^ this.getXksProxyAuthenticationCredential() == null) return false; if (other.getXksProxyAuthenticationCredential() != null && other.getXksProxyAuthenticationCredential().equals(this.getXksProxyAuthenticationCredential()) == false) return false; if (other.getXksProxyConnectivity() == null ^ this.getXksProxyConnectivity() == null) return false; if (other.getXksProxyConnectivity() != null && other.getXksProxyConnectivity().equals(this.getXksProxyConnectivity()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getCustomKeyStoreName() == null) ? 0 : getCustomKeyStoreName().hashCode()); hashCode = prime * hashCode + ((getCloudHsmClusterId() == null) ? 0 : getCloudHsmClusterId().hashCode()); hashCode = prime * hashCode + ((getTrustAnchorCertificate() == null) ? 0 : getTrustAnchorCertificate().hashCode()); hashCode = prime * hashCode + ((getKeyStorePassword() == null) ? 0 : getKeyStorePassword().hashCode()); hashCode = prime * hashCode + ((getCustomKeyStoreType() == null) ? 0 : getCustomKeyStoreType().hashCode()); hashCode = prime * hashCode + ((getXksProxyUriEndpoint() == null) ? 0 : getXksProxyUriEndpoint().hashCode()); hashCode = prime * hashCode + ((getXksProxyUriPath() == null) ? 0 : getXksProxyUriPath().hashCode()); hashCode = prime * hashCode + ((getXksProxyVpcEndpointServiceName() == null) ? 0 : getXksProxyVpcEndpointServiceName().hashCode()); hashCode = prime * hashCode + ((getXksProxyAuthenticationCredential() == null) ? 0 : getXksProxyAuthenticationCredential().hashCode()); hashCode = prime * hashCode + ((getXksProxyConnectivity() == null) ? 0 : getXksProxyConnectivity().hashCode()); return hashCode; } @Override public CreateCustomKeyStoreRequest clone() { return (CreateCustomKeyStoreRequest) super.clone(); } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy