All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.kms.model.GenerateDataKeyRequest Maven / Gradle / Ivy

Go to download

The AWS Java SDK for AWS KMS module holds the client classes that are used for communicating with AWS Key Management Service

There is a newer version: 1.12.778
Show newest version
/*
 * Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.kms.model;

import java.io.Serializable;
import javax.annotation.Generated;

import com.amazonaws.AmazonWebServiceRequest;

/**
 * 
 * @see AWS API
 *      Documentation
 */
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class GenerateDataKeyRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {

    /**
     * 

* Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric KMS key * or a KMS key in a custom key store. To get the type and origin of your KMS key, use the DescribeKey * operation. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN * or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *

*/ private String keyId; /** *

* Specifies the encryption context that will be used when encrypting the data key. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *

*

* For more information, see Encryption context * in the Key Management Service Developer Guide. *

*/ private com.amazonaws.internal.SdkInternalMap encryptionContext; /** *

* Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data key (64 * bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the KeySpec * parameter. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

*/ private Integer numberOfBytes; /** *

* Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

*/ private String keySpec; /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *

*/ private com.amazonaws.internal.SdkInternalList grantTokens; /** *

* A signed attestation * document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's * public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data key * under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private * key in the enclave. The CiphertextBlob field in the response contains a copy of the data key * encrypted under the KMS key specified by the KeyId parameter. The Plaintext field in * the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *

*/ private RecipientInfo recipient; /** *

* Checks if your request will succeed. DryRun is an optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *

*/ private Boolean dryRun; /** *

* Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric KMS key * or a KMS key in a custom key store. To get the type and origin of your KMS key, use the DescribeKey * operation. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN * or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *

* * @param keyId * Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric * KMS key or a KMS key in a custom key store. To get the type and origin of your KMS key, use the * DescribeKey operation.

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix * it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public void setKeyId(String keyId) { this.keyId = keyId; } /** *

* Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric KMS key * or a KMS key in a custom key store. To get the type and origin of your KMS key, use the DescribeKey * operation. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN * or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *

* * @return Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric * KMS key or a KMS key in a custom key store. To get the type and origin of your KMS key, use the * DescribeKey operation.

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix * it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public String getKeyId() { return this.keyId; } /** *

* Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric KMS key * or a KMS key in a custom key store. To get the type and origin of your KMS key, use the DescribeKey * operation. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN * or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *

* * @param keyId * Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric * KMS key or a KMS key in a custom key store. To get the type and origin of your KMS key, use the * DescribeKey operation.

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix * it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

*
    *
  • *

    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

    *
  • *
  • *

    * Alias name: alias/ExampleAlias *

    *
  • *
  • *

    * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

    *
  • *
*

* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withKeyId(String keyId) { setKeyId(keyId); return this; } /** *

* Specifies the encryption context that will be used when encrypting the data key. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *

*

* For more information, see Encryption context * in the Key Management Service Developer Guide. *

* * @return Specifies the encryption context that will be used when encrypting the data key.

*

* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *

*

* For more information, see Encryption * context in the Key Management Service Developer Guide. */ public java.util.Map getEncryptionContext() { if (encryptionContext == null) { encryptionContext = new com.amazonaws.internal.SdkInternalMap(); } return encryptionContext; } /** *

* Specifies the encryption context that will be used when encrypting the data key. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *

*

* For more information, see Encryption context * in the Key Management Service Developer Guide. *

* * @param encryptionContext * Specifies the encryption context that will be used when encrypting the data key.

*

* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *

*

* For more information, see Encryption * context in the Key Management Service Developer Guide. */ public void setEncryptionContext(java.util.Map encryptionContext) { this.encryptionContext = encryptionContext == null ? null : new com.amazonaws.internal.SdkInternalMap(encryptionContext); } /** *

* Specifies the encryption context that will be used when encrypting the data key. *

* *

* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *

*

* For more information, see Encryption context * in the Key Management Service Developer Guide. *

* * @param encryptionContext * Specifies the encryption context that will be used when encrypting the data key.

*

* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *

*
*

* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *

*

* For more information, see Encryption * context in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withEncryptionContext(java.util.Map encryptionContext) { setEncryptionContext(encryptionContext); return this; } /** * Add a single EncryptionContext entry * * @see GenerateDataKeyRequest#withEncryptionContext * @returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest addEncryptionContextEntry(String key, String value) { if (null == this.encryptionContext) { this.encryptionContext = new com.amazonaws.internal.SdkInternalMap(); } if (this.encryptionContext.containsKey(key)) throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided."); this.encryptionContext.put(key, value); return this; } /** * Removes all the entries added into EncryptionContext. * * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest clearEncryptionContextEntries() { this.encryptionContext = null; return this; } /** *

* Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data key (64 * bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the KeySpec * parameter. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @param numberOfBytes * Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data * key (64 bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the * KeySpec parameter.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. */ public void setNumberOfBytes(Integer numberOfBytes) { this.numberOfBytes = numberOfBytes; } /** *

* Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data key (64 * bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the KeySpec * parameter. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @return Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data * key (64 bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the * KeySpec parameter.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. */ public Integer getNumberOfBytes() { return this.numberOfBytes; } /** *

* Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data key (64 * bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the KeySpec * parameter. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @param numberOfBytes * Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data * key (64 bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the * KeySpec parameter.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withNumberOfBytes(Integer numberOfBytes) { setNumberOfBytes(numberOfBytes); return this; } /** *

* Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @param keySpec * Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. * @see DataKeySpec */ public void setKeySpec(String keySpec) { this.keySpec = keySpec; } /** *

* Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @return Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. * @see DataKeySpec */ public String getKeySpec() { return this.keySpec; } /** *

* Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @param keySpec * Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. * @return Returns a reference to this object so that method calls can be chained together. * @see DataKeySpec */ public GenerateDataKeyRequest withKeySpec(String keySpec) { setKeySpec(keySpec); return this; } /** *

* Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @param keySpec * Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. * @see DataKeySpec */ public void setKeySpec(DataKeySpec keySpec) { withKeySpec(keySpec); } /** *

* Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key. *

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in * every GenerateDataKey request. *

* * @param keySpec * Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or * AES_256 to generate a 256-bit symmetric key.

*

* You must specify either the KeySpec or the NumberOfBytes parameter (but not * both) in every GenerateDataKey request. * @return Returns a reference to this object so that method calls can be chained together. * @see DataKeySpec */ public GenerateDataKeyRequest withKeySpec(DataKeySpec keySpec) { this.keySpec = keySpec.toString(); return this; } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *

* * @return A list of grant tokens.

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet * achieved eventual consistency. For more information, see Grant token and * Using * a grant token in the Key Management Service Developer Guide. */ public java.util.List getGrantTokens() { if (grantTokens == null) { grantTokens = new com.amazonaws.internal.SdkInternalList(); } return grantTokens; } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *

* * @param grantTokens * A list of grant tokens.

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet * achieved eventual consistency. For more information, see Grant token and * Using * a grant token in the Key Management Service Developer Guide. */ public void setGrantTokens(java.util.Collection grantTokens) { if (grantTokens == null) { this.grantTokens = null; return; } this.grantTokens = new com.amazonaws.internal.SdkInternalList(grantTokens); } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *

*

* NOTE: This method appends the values to the existing list (if any). Use * {@link #setGrantTokens(java.util.Collection)} or {@link #withGrantTokens(java.util.Collection)} if you want to * override the existing values. *

* * @param grantTokens * A list of grant tokens.

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet * achieved eventual consistency. For more information, see Grant token and * Using * a grant token in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withGrantTokens(String... grantTokens) { if (this.grantTokens == null) { setGrantTokens(new com.amazonaws.internal.SdkInternalList(grantTokens.length)); } for (String ele : grantTokens) { this.grantTokens.add(ele); } return this; } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *

* * @param grantTokens * A list of grant tokens.

*

* Use a grant token when your permission to call this operation comes from a new grant that has not yet * achieved eventual consistency. For more information, see Grant token and * Using * a grant token in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withGrantTokens(java.util.Collection grantTokens) { setGrantTokens(grantTokens); return this; } /** *

* A signed attestation * document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's * public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data key * under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private * key in the enclave. The CiphertextBlob field in the response contains a copy of the data key * encrypted under the KMS key specified by the KeyId parameter. The Plaintext field in * the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *

* * @param recipient * A signed attestation document from an Amazon Web Services Nitro enclave and the encryption algorithm to use * with the enclave's public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web * Services Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data * key under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the * private key in the enclave. The CiphertextBlob field in the response contains a copy of the * data key encrypted under the KMS key specified by the KeyId parameter. The * Plaintext field in the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web * Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide. */ public void setRecipient(RecipientInfo recipient) { this.recipient = recipient; } /** *

* A signed attestation * document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's * public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data key * under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private * key in the enclave. The CiphertextBlob field in the response contains a copy of the data key * encrypted under the KMS key specified by the KeyId parameter. The Plaintext field in * the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *

* * @return A signed attestation document from an Amazon Web Services Nitro enclave and the encryption algorithm to use * with the enclave's public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include * this parameter, use the Amazon Web * Services Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data * key under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the * private key in the enclave. The CiphertextBlob field in the response contains a copy of the * data key encrypted under the KMS key specified by the KeyId parameter. The * Plaintext field in the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web * Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide. */ public RecipientInfo getRecipient() { return this.recipient; } /** *

* A signed attestation * document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's * public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data key * under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private * key in the enclave. The CiphertextBlob field in the response contains a copy of the data key * encrypted under the KMS key specified by the KeyId parameter. The Plaintext field in * the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *

* * @param recipient * A signed attestation document from an Amazon Web Services Nitro enclave and the encryption algorithm to use * with the enclave's public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256. *

*

* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web * Services Nitro Enclaves SDK or any Amazon Web Services SDK. *

*

* When you use this parameter, instead of returning the plaintext data key, KMS encrypts the plaintext data * key under the public key in the attestation document, and returns the resulting ciphertext in the * CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the * private key in the enclave. The CiphertextBlob field in the response contains a copy of the * data key encrypted under the KMS key specified by the KeyId parameter. The * Plaintext field in the response is null or empty. *

*

* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web * Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withRecipient(RecipientInfo recipient) { setRecipient(recipient); return this; } /** *

* Checks if your request will succeed. DryRun is an optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *

* * @param dryRun * Checks if your request will succeed. DryRun is an optional parameter.

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public void setDryRun(Boolean dryRun) { this.dryRun = dryRun; } /** *

* Checks if your request will succeed. DryRun is an optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *

* * @return Checks if your request will succeed. DryRun is an optional parameter.

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public Boolean getDryRun() { return this.dryRun; } /** *

* Checks if your request will succeed. DryRun is an optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *

* * @param dryRun * Checks if your request will succeed. DryRun is an optional parameter.

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public GenerateDataKeyRequest withDryRun(Boolean dryRun) { setDryRun(dryRun); return this; } /** *

* Checks if your request will succeed. DryRun is an optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *

* * @return Checks if your request will succeed. DryRun is an optional parameter.

*

* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public Boolean isDryRun() { return this.dryRun; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKeyId() != null) sb.append("KeyId: ").append(getKeyId()).append(","); if (getEncryptionContext() != null) sb.append("EncryptionContext: ").append(getEncryptionContext()).append(","); if (getNumberOfBytes() != null) sb.append("NumberOfBytes: ").append(getNumberOfBytes()).append(","); if (getKeySpec() != null) sb.append("KeySpec: ").append(getKeySpec()).append(","); if (getGrantTokens() != null) sb.append("GrantTokens: ").append(getGrantTokens()).append(","); if (getRecipient() != null) sb.append("Recipient: ").append(getRecipient()).append(","); if (getDryRun() != null) sb.append("DryRun: ").append(getDryRun()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof GenerateDataKeyRequest == false) return false; GenerateDataKeyRequest other = (GenerateDataKeyRequest) obj; if (other.getKeyId() == null ^ this.getKeyId() == null) return false; if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) return false; if (other.getEncryptionContext() == null ^ this.getEncryptionContext() == null) return false; if (other.getEncryptionContext() != null && other.getEncryptionContext().equals(this.getEncryptionContext()) == false) return false; if (other.getNumberOfBytes() == null ^ this.getNumberOfBytes() == null) return false; if (other.getNumberOfBytes() != null && other.getNumberOfBytes().equals(this.getNumberOfBytes()) == false) return false; if (other.getKeySpec() == null ^ this.getKeySpec() == null) return false; if (other.getKeySpec() != null && other.getKeySpec().equals(this.getKeySpec()) == false) return false; if (other.getGrantTokens() == null ^ this.getGrantTokens() == null) return false; if (other.getGrantTokens() != null && other.getGrantTokens().equals(this.getGrantTokens()) == false) return false; if (other.getRecipient() == null ^ this.getRecipient() == null) return false; if (other.getRecipient() != null && other.getRecipient().equals(this.getRecipient()) == false) return false; if (other.getDryRun() == null ^ this.getDryRun() == null) return false; if (other.getDryRun() != null && other.getDryRun().equals(this.getDryRun()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); hashCode = prime * hashCode + ((getEncryptionContext() == null) ? 0 : getEncryptionContext().hashCode()); hashCode = prime * hashCode + ((getNumberOfBytes() == null) ? 0 : getNumberOfBytes().hashCode()); hashCode = prime * hashCode + ((getKeySpec() == null) ? 0 : getKeySpec().hashCode()); hashCode = prime * hashCode + ((getGrantTokens() == null) ? 0 : getGrantTokens().hashCode()); hashCode = prime * hashCode + ((getRecipient() == null) ? 0 : getRecipient().hashCode()); hashCode = prime * hashCode + ((getDryRun() == null) ? 0 : getDryRun().hashCode()); return hashCode; } @Override public GenerateDataKeyRequest clone() { return (GenerateDataKeyRequest) super.clone(); } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy