software.amazon.awssdk.services.ecr.model.EncryptionConfiguration Maven / Gradle / Ivy
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.ecr.model;
import java.io.Serializable;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Function;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.core.SdkField;
import software.amazon.awssdk.core.SdkPojo;
import software.amazon.awssdk.core.protocol.MarshallLocation;
import software.amazon.awssdk.core.protocol.MarshallingType;
import software.amazon.awssdk.core.traits.LocationTrait;
import software.amazon.awssdk.utils.ToString;
import software.amazon.awssdk.utils.builder.CopyableBuilder;
import software.amazon.awssdk.utils.builder.ToCopyableBuilder;
/**
*
* The encryption configuration for the repository. This determines how the contents of your repository are encrypted at
* rest.
*
*
* By default, when no encryption configuration is set or the AES256 encryption type is used, Amazon ECR
* uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256
* encryption algorithm. This does not require any action on your part.
*
*
* For more control over the encryption of the contents of your repository, you can use server-side encryption with Key
* Management Service key stored in Key Management Service (KMS) to encrypt your images. For more information, see Amazon ECR encryption at
* rest in the Amazon Elastic Container Registry User Guide.
*
*/
@Generated("software.amazon.awssdk:codegen")
public final class EncryptionConfiguration implements SdkPojo, Serializable,
ToCopyableBuilder {
private static final SdkField ENCRYPTION_TYPE_FIELD = SdkField. builder(MarshallingType.STRING)
.memberName("encryptionType").getter(getter(EncryptionConfiguration::encryptionTypeAsString))
.setter(setter(Builder::encryptionType))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("encryptionType").build()).build();
private static final SdkField KMS_KEY_FIELD = SdkField. builder(MarshallingType.STRING).memberName("kmsKey")
.getter(getter(EncryptionConfiguration::kmsKey)).setter(setter(Builder::kmsKey))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("kmsKey").build()).build();
private static final List> SDK_FIELDS = Collections.unmodifiableList(Arrays.asList(ENCRYPTION_TYPE_FIELD,
KMS_KEY_FIELD));
private static final long serialVersionUID = 1L;
private final String encryptionType;
private final String kmsKey;
private EncryptionConfiguration(BuilderImpl builder) {
this.encryptionType = builder.encryptionType;
this.kmsKey = builder.kmsKey;
}
/**
*
* The encryption type to use.
*
*
* If you use the KMS encryption type, the contents of the repository will be encrypted using
* server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you
* can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which
* you already created. For more information, see Protecting data using server-side
* encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple Storage Service
* Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed
* encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more
* information, see Protecting data using
* server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage
* Service Console Developer Guide.
*
*
* If the service returns an enum value that is not available in the current SDK version, {@link #encryptionType}
* will return {@link EncryptionType#UNKNOWN_TO_SDK_VERSION}. The raw value returned by the service is available
* from {@link #encryptionTypeAsString}.
*
*
* @return The encryption type to use.
*
* If you use the KMS encryption type, the contents of the repository will be encrypted using
* server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your
* data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your
* own KMS key, which you already created. For more information, see Protecting data using
* server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon
* Simple Storage Service Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon
* S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption
* algorithm. For more information, see Protecting data
* using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple
* Storage Service Console Developer Guide.
* @see EncryptionType
*/
public final EncryptionType encryptionType() {
return EncryptionType.fromValue(encryptionType);
}
/**
*
* The encryption type to use.
*
*
* If you use the KMS encryption type, the contents of the repository will be encrypted using
* server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you
* can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which
* you already created. For more information, see Protecting data using server-side
* encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple Storage Service
* Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed
* encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more
* information, see Protecting data using
* server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage
* Service Console Developer Guide.
*
*
* If the service returns an enum value that is not available in the current SDK version, {@link #encryptionType}
* will return {@link EncryptionType#UNKNOWN_TO_SDK_VERSION}. The raw value returned by the service is available
* from {@link #encryptionTypeAsString}.
*
*
* @return The encryption type to use.
*
* If you use the KMS encryption type, the contents of the repository will be encrypted using
* server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your
* data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your
* own KMS key, which you already created. For more information, see Protecting data using
* server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon
* Simple Storage Service Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon
* S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption
* algorithm. For more information, see Protecting data
* using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple
* Storage Service Console Developer Guide.
* @see EncryptionType
*/
public final String encryptionTypeAsString() {
return encryptionType;
}
/**
*
* If you use the KMS encryption type, specify the KMS key to use for encryption. The alias, key ID, or
* full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is
* specified, the default Amazon Web Services managed KMS key for Amazon ECR will be used.
*
*
* @return If you use the KMS encryption type, specify the KMS key to use for encryption. The alias,
* key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the
* repository. If no key is specified, the default Amazon Web Services managed KMS key for Amazon ECR will
* be used.
*/
public final String kmsKey() {
return kmsKey;
}
@Override
public Builder toBuilder() {
return new BuilderImpl(this);
}
public static Builder builder() {
return new BuilderImpl();
}
public static Class serializableBuilderClass() {
return BuilderImpl.class;
}
@Override
public final int hashCode() {
int hashCode = 1;
hashCode = 31 * hashCode + Objects.hashCode(encryptionTypeAsString());
hashCode = 31 * hashCode + Objects.hashCode(kmsKey());
return hashCode;
}
@Override
public final boolean equals(Object obj) {
return equalsBySdkFields(obj);
}
@Override
public final boolean equalsBySdkFields(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof EncryptionConfiguration)) {
return false;
}
EncryptionConfiguration other = (EncryptionConfiguration) obj;
return Objects.equals(encryptionTypeAsString(), other.encryptionTypeAsString())
&& Objects.equals(kmsKey(), other.kmsKey());
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*/
@Override
public final String toString() {
return ToString.builder("EncryptionConfiguration").add("EncryptionType", encryptionTypeAsString())
.add("KmsKey", kmsKey()).build();
}
public final Optional getValueForField(String fieldName, Class clazz) {
switch (fieldName) {
case "encryptionType":
return Optional.ofNullable(clazz.cast(encryptionTypeAsString()));
case "kmsKey":
return Optional.ofNullable(clazz.cast(kmsKey()));
default:
return Optional.empty();
}
}
@Override
public final List> sdkFields() {
return SDK_FIELDS;
}
private static Function getter(Function g) {
return obj -> g.apply((EncryptionConfiguration) obj);
}
private static BiConsumer setter(BiConsumer s) {
return (obj, val) -> s.accept((Builder) obj, val);
}
public interface Builder extends SdkPojo, CopyableBuilder {
/**
*
* The encryption type to use.
*
*
* If you use the KMS encryption type, the contents of the repository will be encrypted using
* server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data,
* you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS
* key, which you already created. For more information, see Protecting data using
* server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple
* Storage Service Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon
* S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm.
* For more information, see Protecting data using
* server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage
* Service Console Developer Guide.
*
*
* @param encryptionType
* The encryption type to use.
*
* If you use the KMS encryption type, the contents of the repository will be encrypted
* using server-side encryption with Key Management Service key stored in KMS. When you use KMS to
* encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR,
* or specify your own KMS key, which you already created. For more information, see Protecting data using
* server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon
* Simple Storage Service Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon
* S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption
* algorithm. For more information, see Protecting data
* using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon
* Simple Storage Service Console Developer Guide.
* @see EncryptionType
* @return Returns a reference to this object so that method calls can be chained together.
* @see EncryptionType
*/
Builder encryptionType(String encryptionType);
/**
*
* The encryption type to use.
*
*
* If you use the KMS encryption type, the contents of the repository will be encrypted using
* server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data,
* you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS
* key, which you already created. For more information, see Protecting data using
* server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple
* Storage Service Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon
* S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm.
* For more information, see Protecting data using
* server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage
* Service Console Developer Guide.
*
*
* @param encryptionType
* The encryption type to use.
*
* If you use the KMS encryption type, the contents of the repository will be encrypted
* using server-side encryption with Key Management Service key stored in KMS. When you use KMS to
* encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR,
* or specify your own KMS key, which you already created. For more information, see Protecting data using
* server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon
* Simple Storage Service Console Developer Guide.
*
*
* If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon
* S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption
* algorithm. For more information, see Protecting data
* using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon
* Simple Storage Service Console Developer Guide.
* @see EncryptionType
* @return Returns a reference to this object so that method calls can be chained together.
* @see EncryptionType
*/
Builder encryptionType(EncryptionType encryptionType);
/**
*
* If you use the KMS encryption type, specify the KMS key to use for encryption. The alias, key
* ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If
* no key is specified, the default Amazon Web Services managed KMS key for Amazon ECR will be used.
*
*
* @param kmsKey
* If you use the KMS encryption type, specify the KMS key to use for encryption. The alias,
* key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the
* repository. If no key is specified, the default Amazon Web Services managed KMS key for Amazon ECR
* will be used.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder kmsKey(String kmsKey);
}
static final class BuilderImpl implements Builder {
private String encryptionType;
private String kmsKey;
private BuilderImpl() {
}
private BuilderImpl(EncryptionConfiguration model) {
encryptionType(model.encryptionType);
kmsKey(model.kmsKey);
}
public final String getEncryptionType() {
return encryptionType;
}
public final void setEncryptionType(String encryptionType) {
this.encryptionType = encryptionType;
}
@Override
public final Builder encryptionType(String encryptionType) {
this.encryptionType = encryptionType;
return this;
}
@Override
public final Builder encryptionType(EncryptionType encryptionType) {
this.encryptionType(encryptionType == null ? null : encryptionType.toString());
return this;
}
public final String getKmsKey() {
return kmsKey;
}
public final void setKmsKey(String kmsKey) {
this.kmsKey = kmsKey;
}
@Override
public final Builder kmsKey(String kmsKey) {
this.kmsKey = kmsKey;
return this;
}
@Override
public EncryptionConfiguration build() {
return new EncryptionConfiguration(this);
}
@Override
public List> sdkFields() {
return SDK_FIELDS;
}
}
}