/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include namespace Aws { namespace Utils { namespace Json { class JsonValue; class JsonView; } // namespace Json } // namespace Utils namespace AccessAnalyzer { namespace Model { /** *

Use this structure to propose allowing cryptographic * operations in the grant only when the operation request includes the * specified encryption * context. You can specify only one type of encryption context. An empty map * is treated as not specified. For more information, see GrantConstraints.

See * Also:

AWS * API Reference

*/ class KmsGrantConstraints { public: AWS_ACCESSANALYZER_API KmsGrantConstraints(); AWS_ACCESSANALYZER_API KmsGrantConstraints(Aws::Utils::Json::JsonView jsonValue); AWS_ACCESSANALYZER_API KmsGrantConstraints& operator=(Aws::Utils::Json::JsonView jsonValue); AWS_ACCESSANALYZER_API Aws::Utils::Json::JsonValue Jsonize() const; /** *

A list of key-value pairs that must match the encryption context in the cryptographic * operation request. The grant allows the operation only when the encryption * context in the request is the same as the encryption context specified in this * constraint.

*/ inline const Aws::Map& GetEncryptionContextEquals() const{ return m_encryptionContextEquals; } /** *

*/ inline bool EncryptionContextEqualsHasBeenSet() const { return m_encryptionContextEqualsHasBeenSet; } /** *

*/ inline void SetEncryptionContextEquals(const Aws::Map& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals = value; } /** *

*/ inline void SetEncryptionContextEquals(Aws::Map&& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals = std::move(value); } /** *

*/ inline KmsGrantConstraints& WithEncryptionContextEquals(const Aws::Map& value) { SetEncryptionContextEquals(value); return *this;} /** *

*/ inline KmsGrantConstraints& WithEncryptionContextEquals(Aws::Map&& value) { SetEncryptionContextEquals(std::move(value)); return *this;} /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(const Aws::String& key, const Aws::String& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(key, value); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(Aws::String&& key, const Aws::String& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(std::move(key), value); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(const Aws::String& key, Aws::String&& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(key, std::move(value)); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(Aws::String&& key, Aws::String&& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(std::move(key), std::move(value)); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(const char* key, Aws::String&& value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(key, std::move(value)); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(Aws::String&& key, const char* value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(std::move(key), value); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextEquals(const char* key, const char* value) { m_encryptionContextEqualsHasBeenSet = true; m_encryptionContextEquals.emplace(key, value); return *this; } /** *

A list of key-value pairs that must be included in the encryption context of * the cryptographic * operation request. The grant allows the cryptographic operation only when * the encryption context in the request includes the key-value pairs specified in * this constraint, although it can include additional key-value pairs.

*/ inline const Aws::Map& GetEncryptionContextSubset() const{ return m_encryptionContextSubset; } /** *

*/ inline bool EncryptionContextSubsetHasBeenSet() const { return m_encryptionContextSubsetHasBeenSet; } /** *

*/ inline void SetEncryptionContextSubset(const Aws::Map& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset = value; } /** *

*/ inline void SetEncryptionContextSubset(Aws::Map&& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset = std::move(value); } /** *

*/ inline KmsGrantConstraints& WithEncryptionContextSubset(const Aws::Map& value) { SetEncryptionContextSubset(value); return *this;} /** *

*/ inline KmsGrantConstraints& WithEncryptionContextSubset(Aws::Map&& value) { SetEncryptionContextSubset(std::move(value)); return *this;} /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(const Aws::String& key, const Aws::String& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(key, value); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(Aws::String&& key, const Aws::String& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(std::move(key), value); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(const Aws::String& key, Aws::String&& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(key, std::move(value)); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(Aws::String&& key, Aws::String&& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(std::move(key), std::move(value)); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(const char* key, Aws::String&& value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(key, std::move(value)); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(Aws::String&& key, const char* value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(std::move(key), value); return *this; } /** *

*/ inline KmsGrantConstraints& AddEncryptionContextSubset(const char* key, const char* value) { m_encryptionContextSubsetHasBeenSet = true; m_encryptionContextSubset.emplace(key, value); return *this; } private: Aws::Map m_encryptionContextEquals; bool m_encryptionContextEqualsHasBeenSet = false; Aws::Map m_encryptionContextSubset; bool m_encryptionContextSubsetHasBeenSet = false; }; } // namespace Model } // namespace AccessAnalyzer } // namespace Aws