software.amazon.awssdk.services.ses.model.S3Action Maven / Gradle / Ivy
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.ses.model;
import java.io.Serializable;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Function;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.core.SdkField;
import software.amazon.awssdk.core.SdkPojo;
import software.amazon.awssdk.core.protocol.MarshallLocation;
import software.amazon.awssdk.core.protocol.MarshallingType;
import software.amazon.awssdk.core.traits.LocationTrait;
import software.amazon.awssdk.utils.ToString;
import software.amazon.awssdk.utils.builder.CopyableBuilder;
import software.amazon.awssdk.utils.builder.ToCopyableBuilder;
/**
*
* When included in a receipt rule, this action saves the received message to an Amazon Simple Storage Service (Amazon
* S3) bucket and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).
*
*
* To enable Amazon SES to write emails to your Amazon S3 bucket, use an Amazon Web Services KMS key to encrypt your
* emails, or publish to an Amazon SNS topic of another account, Amazon SES must have permission to access those
* resources. For information about granting permissions, see the Amazon SES Developer Guide.
*
*
*
* When you save your emails to an Amazon S3 bucket, the maximum email size (including headers) is 40 MB. Emails larger
* than that bounces.
*
*
*
* For information about specifying Amazon S3 actions in receipt rules, see the Amazon SES Developer Guide.
*
*/
@Generated("software.amazon.awssdk:codegen")
public final class S3Action implements SdkPojo, Serializable, ToCopyableBuilder {
private static final SdkField TOPIC_ARN_FIELD = SdkField. builder(MarshallingType.STRING)
.memberName("TopicArn").getter(getter(S3Action::topicArn)).setter(setter(Builder::topicArn))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("TopicArn").build()).build();
private static final SdkField BUCKET_NAME_FIELD = SdkField. builder(MarshallingType.STRING)
.memberName("BucketName").getter(getter(S3Action::bucketName)).setter(setter(Builder::bucketName))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("BucketName").build()).build();
private static final SdkField OBJECT_KEY_PREFIX_FIELD = SdkField. builder(MarshallingType.STRING)
.memberName("ObjectKeyPrefix").getter(getter(S3Action::objectKeyPrefix)).setter(setter(Builder::objectKeyPrefix))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("ObjectKeyPrefix").build()).build();
private static final SdkField KMS_KEY_ARN_FIELD = SdkField. builder(MarshallingType.STRING)
.memberName("KmsKeyArn").getter(getter(S3Action::kmsKeyArn)).setter(setter(Builder::kmsKeyArn))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("KmsKeyArn").build()).build();
private static final SdkField IAM_ROLE_ARN_FIELD = SdkField. builder(MarshallingType.STRING)
.memberName("IamRoleArn").getter(getter(S3Action::iamRoleArn)).setter(setter(Builder::iamRoleArn))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("IamRoleArn").build()).build();
private static final List> SDK_FIELDS = Collections.unmodifiableList(Arrays.asList(TOPIC_ARN_FIELD,
BUCKET_NAME_FIELD, OBJECT_KEY_PREFIX_FIELD, KMS_KEY_ARN_FIELD, IAM_ROLE_ARN_FIELD));
private static final long serialVersionUID = 1L;
private final String topicArn;
private final String bucketName;
private final String objectKeyPrefix;
private final String kmsKeyArn;
private final String iamRoleArn;
private S3Action(BuilderImpl builder) {
this.topicArn = builder.topicArn;
this.bucketName = builder.bucketName;
this.objectKeyPrefix = builder.objectKeyPrefix;
this.kmsKeyArn = builder.kmsKeyArn;
this.iamRoleArn = builder.iamRoleArn;
}
/**
*
* The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN
* of a topic by using the ListTopics
* operation in Amazon SNS.
*
*
* For more information about Amazon SNS topics, see the Amazon SNS Developer Guide.
*
*
* @return The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find
* the ARN of a topic by using the ListTopics operation in Amazon
* SNS.
*
* For more information about Amazon SNS topics, see the Amazon SNS Developer Guide.
*/
public final String topicArn() {
return topicArn;
}
/**
*
* The name of the Amazon S3 bucket for incoming email.
*
*
* @return The name of the Amazon S3 bucket for incoming email.
*/
public final String bucketName() {
return bucketName;
}
/**
*
* The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store
* similar data under the same directory in a bucket.
*
*
* @return The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to
* store similar data under the same directory in a bucket.
*/
public final String objectKeyPrefix() {
return objectKeyPrefix;
}
/**
*
* The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3
* bucket. You can use the default managed key or a custom managed key that you created in Amazon Web Services KMS
* as follows:
*
*
* -
*
* To use the default managed key, provide an ARN in the form of
* arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses
. For example, if your Amazon Web
* Services account ID is 123456789012 and you want to use the default managed key in the US West (Oregon) Region,
* the ARN of the default master key would be arn:aws:kms:us-west-2:123456789012:alias/aws/ses
. If you
* use the default managed key, you don't need to perform any extra steps to give Amazon SES permission to use the
* key.
*
*
* -
*
* To use a custom managed key that you created in Amazon Web Services KMS, provide the ARN of the managed key and
* ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more
* information about giving permissions, see the Amazon SES Developer Guide.
*
*
*
*
* For more information about key policies, see the Amazon Web Services KMS Developer
* Guide. If you do not specify a managed key, Amazon SES does not encrypt your emails.
*
*
*
* Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon
* S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the
* Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access
* to use your Amazon Web Services KMS keys for decryption. This encryption client is currently available with the
* Amazon Web Services SDK for Java and Amazon Web Services SDK for Ruby only. For more information about
* client-side encryption using Amazon Web Services KMS managed keys, see the Amazon S3 Developer
* Guide.
*
*
*
* @return The customer managed key that Amazon SES should use to encrypt your emails before saving them to the
* Amazon S3 bucket. You can use the default managed key or a custom managed key that you created in Amazon
* Web Services KMS as follows:
*
* -
*
* To use the default managed key, provide an ARN in the form of
* arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses
. For example, if your Amazon Web
* Services account ID is 123456789012 and you want to use the default managed key in the US West (Oregon)
* Region, the ARN of the default master key would be
* arn:aws:kms:us-west-2:123456789012:alias/aws/ses
. If you use the default managed key, you
* don't need to perform any extra steps to give Amazon SES permission to use the key.
*
*
* -
*
* To use a custom managed key that you created in Amazon Web Services KMS, provide the ARN of the managed
* key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For
* more information about giving permissions, see the Amazon SES Developer
* Guide.
*
*
*
*
* For more information about key policies, see the Amazon Web Services KMS
* Developer Guide. If you do not specify a managed key, Amazon SES does not encrypt your emails.
*
*
*
* Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted
* to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you
* must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the
* service has no access to use your Amazon Web Services KMS keys for decryption. This encryption client is
* currently available with the Amazon Web Services SDK for
* Java and Amazon Web Services SDK for Ruby only. For
* more information about client-side encryption using Amazon Web Services KMS managed keys, see the Amazon S3 Developer
* Guide.
*
*/
public final String kmsKeyArn() {
return kmsKeyArn;
}
/**
*
* The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket,
* optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic.
* This role should have access to the following APIs:
*
*
* -
*
* s3:PutObject
, kms:Encrypt
and kms:GenerateDataKey
for the given Amazon S3
* bucket.
*
*
* -
*
* kms:GenerateDataKey
for the given Amazon Web Services KMS customer managed key.
*
*
* -
*
* sns:Publish
for the given Amazon SNS topic.
*
*
*
*
*
* If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3
* bucket, Amazon Web Services KMS customer managed key and Amazon SNS topic). Therefore, setting up individual
* resource access permissions is not required.
*
*
*
* @return The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket,
* optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS
* topic. This role should have access to the following APIs:
*
* -
*
* s3:PutObject
, kms:Encrypt
and kms:GenerateDataKey
for the given
* Amazon S3 bucket.
*
*
* -
*
* kms:GenerateDataKey
for the given Amazon Web Services KMS customer managed key.
*
*
* -
*
* sns:Publish
for the given Amazon SNS topic.
*
*
*
*
*
* If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources
* (Amazon S3 bucket, Amazon Web Services KMS customer managed key and Amazon SNS topic). Therefore, setting
* up individual resource access permissions is not required.
*
*/
public final String iamRoleArn() {
return iamRoleArn;
}
@Override
public Builder toBuilder() {
return new BuilderImpl(this);
}
public static Builder builder() {
return new BuilderImpl();
}
public static Class extends Builder> serializableBuilderClass() {
return BuilderImpl.class;
}
@Override
public final int hashCode() {
int hashCode = 1;
hashCode = 31 * hashCode + Objects.hashCode(topicArn());
hashCode = 31 * hashCode + Objects.hashCode(bucketName());
hashCode = 31 * hashCode + Objects.hashCode(objectKeyPrefix());
hashCode = 31 * hashCode + Objects.hashCode(kmsKeyArn());
hashCode = 31 * hashCode + Objects.hashCode(iamRoleArn());
return hashCode;
}
@Override
public final boolean equals(Object obj) {
return equalsBySdkFields(obj);
}
@Override
public final boolean equalsBySdkFields(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof S3Action)) {
return false;
}
S3Action other = (S3Action) obj;
return Objects.equals(topicArn(), other.topicArn()) && Objects.equals(bucketName(), other.bucketName())
&& Objects.equals(objectKeyPrefix(), other.objectKeyPrefix()) && Objects.equals(kmsKeyArn(), other.kmsKeyArn())
&& Objects.equals(iamRoleArn(), other.iamRoleArn());
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*/
@Override
public final String toString() {
return ToString.builder("S3Action").add("TopicArn", topicArn()).add("BucketName", bucketName())
.add("ObjectKeyPrefix", objectKeyPrefix()).add("KmsKeyArn", kmsKeyArn()).add("IamRoleArn", iamRoleArn()).build();
}
public final Optional getValueForField(String fieldName, Class clazz) {
switch (fieldName) {
case "TopicArn":
return Optional.ofNullable(clazz.cast(topicArn()));
case "BucketName":
return Optional.ofNullable(clazz.cast(bucketName()));
case "ObjectKeyPrefix":
return Optional.ofNullable(clazz.cast(objectKeyPrefix()));
case "KmsKeyArn":
return Optional.ofNullable(clazz.cast(kmsKeyArn()));
case "IamRoleArn":
return Optional.ofNullable(clazz.cast(iamRoleArn()));
default:
return Optional.empty();
}
}
@Override
public final List> sdkFields() {
return SDK_FIELDS;
}
private static Function