com.amazonaws.services.kms.model.PutKeyPolicyRequest Maven / Gradle / Ivy
Show all versions of aws-java-sdk-kms Show documentation
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.kms.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.AmazonWebServiceRequest;
/**
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class PutKeyPolicyRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {
/**
*
* Sets the key policy on the specified KMS key.
*
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
*
*/
private String keyId;
/**
*
* The name of the key policy. If no policy name is specified, the default value is default. The only
* valid value is default.
*
*/
private String policyName;
/**
*
* The key policy to attach to the KMS key.
*
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on the KMS
* key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy must exist
* and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay
* before including the new principal in a key policy because the new principal might not be immediately visible to
* KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access
* Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII character
* range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
* characters
*
*
*
*
* For information about key policies, see Key policies in KMS in the
* Key Management Service Developer Guide.For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in
* the Identity and Access Management User Guide .
*
*/
private String policy;
/**
*
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
*
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to
* true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy
* request on the KMS key.
*
*/
private Boolean bypassPolicyLockoutSafetyCheck;
/**
*
* Sets the key policy on the specified KMS key.
*
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
*
*
* @param keyId
* Sets the key policy on the specified KMS key.
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
*/
public void setKeyId(String keyId) {
this.keyId = keyId;
}
/**
*
* Sets the key policy on the specified KMS key.
*
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
*
*
* @return Sets the key policy on the specified KMS key.
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
*/
public String getKeyId() {
return this.keyId;
}
/**
*
* Sets the key policy on the specified KMS key.
*
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
*
*
* @param keyId
* Sets the key policy on the specified KMS key.
*
* Specify the key ID or key ARN of the KMS key.
*
*
* For example:
*
*
* -
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
*
* -
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
*
*
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public PutKeyPolicyRequest withKeyId(String keyId) {
setKeyId(keyId);
return this;
}
/**
*
* The name of the key policy. If no policy name is specified, the default value is default. The only
* valid value is default.
*
*
* @param policyName
* The name of the key policy. If no policy name is specified, the default value is default. The
* only valid value is default.
*/
public void setPolicyName(String policyName) {
this.policyName = policyName;
}
/**
*
* The name of the key policy. If no policy name is specified, the default value is default. The only
* valid value is default.
*
*
* @return The name of the key policy. If no policy name is specified, the default value is default.
* The only valid value is default.
*/
public String getPolicyName() {
return this.policyName;
}
/**
*
* The name of the key policy. If no policy name is specified, the default value is default. The only
* valid value is default.
*
*
* @param policyName
* The name of the key policy. If no policy name is specified, the default value is default. The
* only valid value is default.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public PutKeyPolicyRequest withPolicyName(String policyName) {
setPolicyName(policyName);
return this;
}
/**
*
* The key policy to attach to the KMS key.
*
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on the KMS
* key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy must exist
* and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay
* before including the new principal in a key policy because the new principal might not be immediately visible to
* KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access
* Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII character
* range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
* characters
*
*
*
*
* For information about key policies, see Key policies in KMS in the
* Key Management Service Developer Guide.For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in
* the Identity and Access Management User Guide .
*
*
* @param policy
* The key policy to attach to the KMS key.
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on
* the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy
* must exist and be visible to KMS. When you create a new Amazon Web Services principal, you might need to
* enforce a delay before including the new principal in a key policy because the new principal might not be
* immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and
* Access Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII
* character range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF
* ).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D)
* special characters
*
*
*
*
* For information about key policies, see Key policies in KMS in
* the Key Management Service Developer Guide.For help writing and formatting a JSON policy document,
* see the IAM JSON Policy
* Reference in the Identity and Access Management User Guide .
*/
public void setPolicy(String policy) {
this.policy = policy;
}
/**
*
* The key policy to attach to the KMS key.
*
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on the KMS
* key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy must exist
* and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay
* before including the new principal in a key policy because the new principal might not be immediately visible to
* KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access
* Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII character
* range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
* characters
*
*
*
*
* For information about key policies, see Key policies in KMS in the
* Key Management Service Developer Guide.For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in
* the Identity and Access Management User Guide .
*
*
* @return The key policy to attach to the KMS key.
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on
* the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition,
* set BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy
* must exist and be visible to KMS. When you create a new Amazon Web Services principal, you might need to
* enforce a delay before including the new principal in a key policy because the new principal might not be
* immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and
* Access Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII
* character range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF
* ).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D)
* special characters
*
*
*
*
* For information about key policies, see Key policies in KMS in
* the Key Management Service Developer Guide.For help writing and formatting a JSON policy document,
* see the IAM JSON
* Policy Reference in the Identity and Access Management User Guide .
*/
public String getPolicy() {
return this.policy;
}
/**
*
* The key policy to attach to the KMS key.
*
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on the KMS
* key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy must exist
* and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay
* before including the new principal in a key policy because the new principal might not be immediately visible to
* KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access
* Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII character
* range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special
* characters
*
*
*
*
* For information about key policies, see Key policies in KMS in the
* Key Management Service Developer Guide.For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in
* the Identity and Access Management User Guide .
*
*
* @param policy
* The key policy to attach to the KMS key.
*
* The key policy must meet the following criteria:
*
*
* -
*
* The key policy must allow the calling principal to make a subsequent PutKeyPolicy request on
* the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
*
* -
*
* Each statement in the key policy must contain one or more principals. The principals in the key policy
* must exist and be visible to KMS. When you create a new Amazon Web Services principal, you might need to
* enforce a delay before including the new principal in a key policy because the new principal might not be
* immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and
* Access Management User Guide.
*
*
*
*
* A key policy document can include only the following characters:
*
*
* -
*
* Printable ASCII characters from the space character (\u0020) through the end of the ASCII
* character range.
*
*
* -
*
* Printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF
* ).
*
*
* -
*
* The tab (\u0009), line feed (\u000A), and carriage return (\u000D)
* special characters
*
*
*
*
* For information about key policies, see Key policies in KMS in
* the Key Management Service Developer Guide.For help writing and formatting a JSON policy document,
* see the IAM JSON Policy
* Reference in the Identity and Access Management User Guide .
* @return Returns a reference to this object so that method calls can be chained together.
*/
public PutKeyPolicyRequest withPolicy(String policy) {
setPolicy(policy);
return this;
}
/**
*
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
*
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to
* true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy
* request on the KMS key.
*
*
* @param bypassPolicyLockoutSafetyCheck
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value
* to true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy request
* on the KMS key.
*/
public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) {
this.bypassPolicyLockoutSafetyCheck = bypassPolicyLockoutSafetyCheck;
}
/**
*
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
*
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to
* true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy
* request on the KMS key.
*
*
* @return Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this
* value to true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy request
* on the KMS key.
*/
public Boolean getBypassPolicyLockoutSafetyCheck() {
return this.bypassPolicyLockoutSafetyCheck;
}
/**
*
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
*
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to
* true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy
* request on the KMS key.
*
*
* @param bypassPolicyLockoutSafetyCheck
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value
* to true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy request
* on the KMS key.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public PutKeyPolicyRequest withBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) {
setBypassPolicyLockoutSafetyCheck(bypassPolicyLockoutSafetyCheck);
return this;
}
/**
*
* Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
*
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to
* true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy
* request on the KMS key.
*
*
* @return Skips ("bypasses") the key policy lockout safety check. The default value is false.
*
* Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this
* value to true indiscriminately.
*
*
* For more information, see Default key policy in the Key Management Service Developer Guide.
*
*
*
* Use this parameter only when you intend to prevent the principal that is making the request from making a
* subsequent PutKeyPolicy request
* on the KMS key.
*/
public Boolean isBypassPolicyLockoutSafetyCheck() {
return this.bypassPolicyLockoutSafetyCheck;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getKeyId() != null)
sb.append("KeyId: ").append(getKeyId()).append(",");
if (getPolicyName() != null)
sb.append("PolicyName: ").append(getPolicyName()).append(",");
if (getPolicy() != null)
sb.append("Policy: ").append(getPolicy()).append(",");
if (getBypassPolicyLockoutSafetyCheck() != null)
sb.append("BypassPolicyLockoutSafetyCheck: ").append(getBypassPolicyLockoutSafetyCheck());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof PutKeyPolicyRequest == false)
return false;
PutKeyPolicyRequest other = (PutKeyPolicyRequest) obj;
if (other.getKeyId() == null ^ this.getKeyId() == null)
return false;
if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false)
return false;
if (other.getPolicyName() == null ^ this.getPolicyName() == null)
return false;
if (other.getPolicyName() != null && other.getPolicyName().equals(this.getPolicyName()) == false)
return false;
if (other.getPolicy() == null ^ this.getPolicy() == null)
return false;
if (other.getPolicy() != null && other.getPolicy().equals(this.getPolicy()) == false)
return false;
if (other.getBypassPolicyLockoutSafetyCheck() == null ^ this.getBypassPolicyLockoutSafetyCheck() == null)
return false;
if (other.getBypassPolicyLockoutSafetyCheck() != null
&& other.getBypassPolicyLockoutSafetyCheck().equals(this.getBypassPolicyLockoutSafetyCheck()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode());
hashCode = prime * hashCode + ((getPolicyName() == null) ? 0 : getPolicyName().hashCode());
hashCode = prime * hashCode + ((getPolicy() == null) ? 0 : getPolicy().hashCode());
hashCode = prime * hashCode + ((getBypassPolicyLockoutSafetyCheck() == null) ? 0 : getBypassPolicyLockoutSafetyCheck().hashCode());
return hashCode;
}
@Override
public PutKeyPolicyRequest clone() {
return (PutKeyPolicyRequest) super.clone();
}
}