* Attaches a key policy to the specified KMS key. *
** For more information about key policies, see Key * Policies in the Key Management Service Developer Guide. For help * writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the Identity and Access Management * User Guide . For examples of adding a key policy in multiple * programming languages, see Setting a key policy in the Key Management Service Developer * Guide. *
** Cross-account use: No. You cannot perform this operation on a KMS key * in a different Amazon Web Services account. *
** Required permissions: kms:PutKeyPolicy (key policy) *
** Related operations: GetKeyPolicy *
*/ public class PutKeyPolicyRequest extends AmazonWebServiceRequest implements Serializable { /** ** Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. *
*
* Constraints:
* Length: 1 - 2048
*/
private String keyId;
/**
*
* The name of the key policy. The only valid value is default.
*
* Constraints:
* Length: 1 - 128
* Pattern: [\w]+
*/
private String policyName;
/**
*
* The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a subsequent
* PutKeyPolicy request on the KMS key. This reduces the risk
* that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer
* Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more principals. The * principals in the key policy must exist and be visible to KMS. When you * create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, * see Changes that I make are not always immediately visible in the * Amazon Web Services Identity and Access Management User Guide. *
** A key policy document can include only the following characters: *
*
* Printable ASCII characters from the space character (\u0020)
* through the end of the ASCII character range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement character
* set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A), and
* carriage return (\u000D) special characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service Developer * Guide.For help writing and formatting a JSON policy document, see the * IAM JSON Policy Reference in the Identity and Access * Management User Guide . *
*
* Constraints:
* Length: 1 - 131072
* Pattern: [ -\u00FF]+
*/
private String policy;
/**
*
* Skips ("bypasses") the key policy lockout safety check. The default value * is false. *
** Setting this value to true increases the risk that the KMS key becomes * unmanageable. Do not set this value to true indiscriminately. *
** For more information, see Default key policy in the Key Management Service Developer * Guide. *
** Use this parameter only when you intend to prevent the principal that is * making the request from making a subsequent PutKeyPolicy request * on the KMS key. *
*/ private Boolean bypassPolicyLockoutSafetyCheck; /** ** Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. *
*
* Constraints:
* Length: 1 - 2048
*
* @return
* Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use ListKeys * or DescribeKey. *
*/ public String getKeyId() { return keyId; } /** ** Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. *
*
* Constraints:
* Length: 1 - 2048
*
* @param keyId
* Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. *
*/ public void setKeyId(String keyId) { this.keyId = keyId; } /** ** Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. *
** Returns a reference to this object so that method calls can be chained * together. *
* Constraints:
* Length: 1 - 2048
*
* @param keyId
* Sets the key policy on the specified KMS key. *
** Specify the key ID or key ARN of the KMS key. *
** For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN:
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. *
* @return A reference to this updated object so that method calls can be * chained together. */ public PutKeyPolicyRequest withKeyId(String keyId) { this.keyId = keyId; return this; } /** *
* The name of the key policy. The only valid value is default.
*
* Constraints:
* Length: 1 - 128
* Pattern: [\w]+
*
* @return
* The name of the key policy. The only valid value is
* default.
*
* The name of the key policy. The only valid value is default.
*
* Constraints:
* Length: 1 - 128
* Pattern: [\w]+
*
* @param policyName
* The name of the key policy. The only valid value is
* default.
*
* The name of the key policy. The only valid value is default.
*
* Returns a reference to this object so that method calls can be chained * together. *
* Constraints:
* Length: 1 - 128
* Pattern: [\w]+
*
* @param policyName
* The name of the key policy. The only valid value is
* default.
*
* The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a subsequent
* PutKeyPolicy request on the KMS key. This reduces the risk
* that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer
* Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more principals. The * principals in the key policy must exist and be visible to KMS. When you * create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, * see Changes that I make are not always immediately visible in the * Amazon Web Services Identity and Access Management User Guide. *
** A key policy document can include only the following characters: *
*
* Printable ASCII characters from the space character (\u0020)
* through the end of the ASCII character range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement character
* set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A), and
* carriage return (\u000D) special characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service Developer * Guide.For help writing and formatting a JSON policy document, see the * IAM JSON Policy Reference in the Identity and Access * Management User Guide . *
*
* Constraints:
* Length: 1 - 131072
* Pattern: [ -\u00FF]+
*
* @return
* The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a
* subsequent PutKeyPolicy request on the KMS key. This
* reduces the risk that the KMS key becomes unmanageable. For more
* information, see Default key policy in the Key Management Service
* Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be * visible to KMS. When you create a new Amazon Web Services * principal, you might need to enforce a delay before including the * new principal in a key policy because the new principal might not * be immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in * the Amazon Web Services Identity and Access Management User * Guide. *
** A key policy document can include only the following characters: *
*
* Printable ASCII characters from the space character (
* \u0020) through the end of the ASCII character
* range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement
* character set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A),
* and carriage return (\u000D) special characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service * Developer Guide.For help writing and formatting a JSON policy * document, see the IAM JSON Policy Reference in the Identity and Access * Management User Guide . *
*/ public String getPolicy() { return policy; } /** ** The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a subsequent
* PutKeyPolicy request on the KMS key. This reduces the risk
* that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer
* Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more principals. The * principals in the key policy must exist and be visible to KMS. When you * create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, * see Changes that I make are not always immediately visible in the * Amazon Web Services Identity and Access Management User Guide. *
** A key policy document can include only the following characters: *
*
* Printable ASCII characters from the space character (\u0020)
* through the end of the ASCII character range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement character
* set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A), and
* carriage return (\u000D) special characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service Developer * Guide.For help writing and formatting a JSON policy document, see the * IAM JSON Policy Reference in the Identity and Access * Management User Guide . *
*
* Constraints:
* Length: 1 - 131072
* Pattern: [ -\u00FF]+
*
* @param policy
* The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a
* subsequent PutKeyPolicy request on the KMS key.
* This reduces the risk that the KMS key becomes unmanageable.
* For more information, see Default key policy in the Key Management Service
* Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be * visible to KMS. When you create a new Amazon Web Services * principal, you might need to enforce a delay before including * the new principal in a key policy because the new principal * might not be immediately visible to KMS. For more information, * see Changes that I make are not always immediately visible in * the Amazon Web Services Identity and Access Management User * Guide. *
** A key policy document can include only the following * characters: *
*
* Printable ASCII characters from the space character (
* \u0020) through the end of the ASCII character
* range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement
* character set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A
* ), and carriage return (\u000D) special
* characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service * Developer Guide.For help writing and formatting a JSON * policy document, see the IAM JSON Policy Reference in the Identity and * Access Management User Guide . *
*/ public void setPolicy(String policy) { this.policy = policy; } /** ** The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a subsequent
* PutKeyPolicy request on the KMS key. This reduces the risk
* that the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer
* Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more principals. The * principals in the key policy must exist and be visible to KMS. When you * create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, * see Changes that I make are not always immediately visible in the * Amazon Web Services Identity and Access Management User Guide. *
** A key policy document can include only the following characters: *
*
* Printable ASCII characters from the space character (\u0020)
* through the end of the ASCII character range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement character
* set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A), and
* carriage return (\u000D) special characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service Developer * Guide.For help writing and formatting a JSON policy document, see the * IAM JSON Policy Reference in the Identity and Access * Management User Guide . *
** Returns a reference to this object so that method calls can be chained * together. *
* Constraints:
* Length: 1 - 131072
* Pattern: [ -\u00FF]+
*
* @param policy
* The key policy to attach to the KMS key. *
** The key policy must meet the following criteria: *
*
* The key policy must allow the calling principal to make a
* subsequent PutKeyPolicy request on the KMS key.
* This reduces the risk that the KMS key becomes unmanageable.
* For more information, see Default key policy in the Key Management Service
* Developer Guide. (To omit this condition, set
* BypassPolicyLockoutSafetyCheck to true.)
*
* Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be * visible to KMS. When you create a new Amazon Web Services * principal, you might need to enforce a delay before including * the new principal in a key policy because the new principal * might not be immediately visible to KMS. For more information, * see Changes that I make are not always immediately visible in * the Amazon Web Services Identity and Access Management User * Guide. *
** A key policy document can include only the following * characters: *
*
* Printable ASCII characters from the space character (
* \u0020) through the end of the ASCII character
* range.
*
* Printable characters in the Basic Latin and Latin-1 Supplement
* character set (through \u00FF).
*
* The tab (\u0009), line feed (\u000A
* ), and carriage return (\u000D) special
* characters
*
* For information about key policies, see Key policies in KMS in the Key Management Service * Developer Guide.For help writing and formatting a JSON * policy document, see the IAM JSON Policy Reference in the Identity and * Access Management User Guide . *
* @return A reference to this updated object so that method calls can be * chained together. */ public PutKeyPolicyRequest withPolicy(String policy) { this.policy = policy; return this; } /** ** Skips ("bypasses") the key policy lockout safety check. The default value * is false. *
** Setting this value to true increases the risk that the KMS key becomes * unmanageable. Do not set this value to true indiscriminately. *
** For more information, see Default key policy in the Key Management Service Developer * Guide. *
** Use this parameter only when you intend to prevent the principal that is * making the request from making a subsequent PutKeyPolicy request * on the KMS key. *
* * @return* Skips ("bypasses") the key policy lockout safety check. The * default value is false. *
** Setting this value to true increases the risk that the KMS key * becomes unmanageable. Do not set this value to true * indiscriminately. *
** For more information, see Default key policy in the Key Management Service * Developer Guide. *
** Use this parameter only when you intend to prevent the principal * that is making the request from making a subsequent * PutKeyPolicy request on the KMS key. *
*/ public Boolean isBypassPolicyLockoutSafetyCheck() { return bypassPolicyLockoutSafetyCheck; } /** ** Skips ("bypasses") the key policy lockout safety check. The default value * is false. *
** Setting this value to true increases the risk that the KMS key becomes * unmanageable. Do not set this value to true indiscriminately. *
** For more information, see Default key policy in the Key Management Service Developer * Guide. *
** Use this parameter only when you intend to prevent the principal that is * making the request from making a subsequent PutKeyPolicy request * on the KMS key. *
* * @return* Skips ("bypasses") the key policy lockout safety check. The * default value is false. *
** Setting this value to true increases the risk that the KMS key * becomes unmanageable. Do not set this value to true * indiscriminately. *
** For more information, see Default key policy in the Key Management Service * Developer Guide. *
** Use this parameter only when you intend to prevent the principal * that is making the request from making a subsequent * PutKeyPolicy request on the KMS key. *
*/ public Boolean getBypassPolicyLockoutSafetyCheck() { return bypassPolicyLockoutSafetyCheck; } /** ** Skips ("bypasses") the key policy lockout safety check. The default value * is false. *
** Setting this value to true increases the risk that the KMS key becomes * unmanageable. Do not set this value to true indiscriminately. *
** For more information, see Default key policy in the Key Management Service Developer * Guide. *
** Use this parameter only when you intend to prevent the principal that is * making the request from making a subsequent PutKeyPolicy request * on the KMS key. *
* * @param bypassPolicyLockoutSafetyCheck* Skips ("bypasses") the key policy lockout safety check. The * default value is false. *
** Setting this value to true increases the risk that the KMS key * becomes unmanageable. Do not set this value to true * indiscriminately. *
** For more information, see Default key policy in the Key Management Service * Developer Guide. *
** Use this parameter only when you intend to prevent the * principal that is making the request from making a subsequent * PutKeyPolicy request on the KMS key. *
*/ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) { this.bypassPolicyLockoutSafetyCheck = bypassPolicyLockoutSafetyCheck; } /** ** Skips ("bypasses") the key policy lockout safety check. The default value * is false. *
** Setting this value to true increases the risk that the KMS key becomes * unmanageable. Do not set this value to true indiscriminately. *
** For more information, see Default key policy in the Key Management Service Developer * Guide. *
** Use this parameter only when you intend to prevent the principal that is * making the request from making a subsequent PutKeyPolicy request * on the KMS key. *
** Returns a reference to this object so that method calls can be chained * together. * * @param bypassPolicyLockoutSafetyCheck
* Skips ("bypasses") the key policy lockout safety check. The * default value is false. *
** Setting this value to true increases the risk that the KMS key * becomes unmanageable. Do not set this value to true * indiscriminately. *
** For more information, see Default key policy in the Key Management Service * Developer Guide. *
** Use this parameter only when you intend to prevent the * principal that is making the request from making a subsequent * PutKeyPolicy request on the KMS key. *
* @return A reference to this updated object so that method calls can be * chained together. */ public PutKeyPolicyRequest withBypassPolicyLockoutSafetyCheck( Boolean bypassPolicyLockoutSafetyCheck) { this.bypassPolicyLockoutSafetyCheck = bypassPolicyLockoutSafetyCheck; return this; } /** * Returns a string representation of this object; useful for testing and * debugging. * * @return A string representation of this object. * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKeyId() != null) sb.append("KeyId: " + getKeyId() + ","); if (getPolicyName() != null) sb.append("PolicyName: " + getPolicyName() + ","); if (getPolicy() != null) sb.append("Policy: " + getPolicy() + ","); if (getBypassPolicyLockoutSafetyCheck() != null) sb.append("BypassPolicyLockoutSafetyCheck: " + getBypassPolicyLockoutSafetyCheck()); sb.append("}"); return sb.toString(); } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); hashCode = prime * hashCode + ((getPolicyName() == null) ? 0 : getPolicyName().hashCode()); hashCode = prime * hashCode + ((getPolicy() == null) ? 0 : getPolicy().hashCode()); hashCode = prime * hashCode + ((getBypassPolicyLockoutSafetyCheck() == null) ? 0 : getBypassPolicyLockoutSafetyCheck().hashCode()); return hashCode; } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof PutKeyPolicyRequest == false) return false; PutKeyPolicyRequest other = (PutKeyPolicyRequest) obj; if (other.getKeyId() == null ^ this.getKeyId() == null) return false; if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) return false; if (other.getPolicyName() == null ^ this.getPolicyName() == null) return false; if (other.getPolicyName() != null && other.getPolicyName().equals(this.getPolicyName()) == false) return false; if (other.getPolicy() == null ^ this.getPolicy() == null) return false; if (other.getPolicy() != null && other.getPolicy().equals(this.getPolicy()) == false) return false; if (other.getBypassPolicyLockoutSafetyCheck() == null ^ this.getBypassPolicyLockoutSafetyCheck() == null) return false; if (other.getBypassPolicyLockoutSafetyCheck() != null && other.getBypassPolicyLockoutSafetyCheck().equals( this.getBypassPolicyLockoutSafetyCheck()) == false) return false; return true; } }