/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include namespace Aws { namespace KMS { namespace Model { /** */ class GetParametersForImportRequest : public KMSRequest { public: AWS_KMS_API GetParametersForImportRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "GetParametersForImport"; } AWS_KMS_API Aws::String SerializePayload() const override; AWS_KMS_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline const Aws::String& GetKeyId() const{ return m_keyId; } /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline bool KeyIdHasBeenSet() const { return m_keyIdHasBeenSet; } /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline void SetKeyId(const Aws::String& value) { m_keyIdHasBeenSet = true; m_keyId = value; } /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline void SetKeyId(Aws::String&& value) { m_keyIdHasBeenSet = true; m_keyId = std::move(value); } /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline void SetKeyId(const char* value) { m_keyIdHasBeenSet = true; m_keyId.assign(value); } /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline GetParametersForImportRequest& WithKeyId(const Aws::String& value) { SetKeyId(value); return *this;} /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline GetParametersForImportRequest& WithKeyId(Aws::String&& value) { SetKeyId(std::move(value)); return *this;} /** *

The identifier of the KMS key that will be associated with the imported key * material. The Origin of the KMS key must be * EXTERNAL.

All KMS key types are supported, including * multi-Region keys. However, you cannot import key material into a KMS key in a * custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline GetParametersForImportRequest& WithKeyId(const char* value) { SetKeyId(value); return *this;} /** *

The algorithm you will use with the RSA public key (PublicKey) * in the response to protect your key material during import. For more * information, see Select * a wrapping algorithm in the Key Management Service Developer * Guide.

For RSA_AES wrapping algorithms, you encrypt your key material * with an AES key that you generate, then encrypt your AES key with the RSA public * key from KMS. For RSAES wrapping algorithms, you encrypt your key material * directly with the RSA public key from KMS.

The wrapping algorithms that * you can use depend on the type of key material that you are importing. To import * an RSA private key, you must use an RSA_AES wrapping algorithm.

*
RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and ECC key * material.
RSA_AES_KEY_WRAP_SHA_1 — Supported for * wrapping RSA and ECC key material.
RSAES_OAEP_SHA_256 * — Supported for all types of key material, except RSA key material (private * key).

You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with the * RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
*
RSAES_OAEP_SHA_1 — Supported for all types of key material, except * RSA key material (private key).

You cannot use the RSAES_OAEP_SHA_1 * wrapping algorithm with the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key * material.
RSAES_PKCS1_V1_5 (Deprecated) — Supported * only for symmetric encryption key material (and only in legacy mode).

*/ inline const AlgorithmSpec& GetWrappingAlgorithm() const{ return m_wrappingAlgorithm; } /** *

The wrapping algorithms that * you can use depend on the type of key material that you are importing. To import * an RSA private key, you must use an RSA_AES wrapping algorithm.

*
RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and ECC key * material.
RSA_AES_KEY_WRAP_SHA_1 — Supported for * wrapping RSA and ECC key material.
RSAES_OAEP_SHA_256 * — Supported for all types of key material, except RSA key material (private * key).

You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with the * RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
*
RSAES_OAEP_SHA_1 — Supported for all types of key material, except * RSA key material (private key).

You cannot use the RSAES_OAEP_SHA_1 * wrapping algorithm with the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key * material.
RSAES_PKCS1_V1_5 (Deprecated) — Supported * only for symmetric encryption key material (and only in legacy mode).

*/ inline bool WrappingAlgorithmHasBeenSet() const { return m_wrappingAlgorithmHasBeenSet; } /** *

The wrapping algorithms that * you can use depend on the type of key material that you are importing. To import * an RSA private key, you must use an RSA_AES wrapping algorithm.

*
RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and ECC key * material.
RSA_AES_KEY_WRAP_SHA_1 — Supported for * wrapping RSA and ECC key material.
RSAES_OAEP_SHA_256 * — Supported for all types of key material, except RSA key material (private * key).

You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with the * RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
*
RSAES_OAEP_SHA_1 — Supported for all types of key material, except * RSA key material (private key).

You cannot use the RSAES_OAEP_SHA_1 * wrapping algorithm with the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key * material.
RSAES_PKCS1_V1_5 (Deprecated) — Supported * only for symmetric encryption key material (and only in legacy mode).

*/ inline void SetWrappingAlgorithm(const AlgorithmSpec& value) { m_wrappingAlgorithmHasBeenSet = true; m_wrappingAlgorithm = value; } /** *

The wrapping algorithms that * you can use depend on the type of key material that you are importing. To import * an RSA private key, you must use an RSA_AES wrapping algorithm.

*
RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and ECC key * material.
RSA_AES_KEY_WRAP_SHA_1 — Supported for * wrapping RSA and ECC key material.
RSAES_OAEP_SHA_256 * — Supported for all types of key material, except RSA key material (private * key).

You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with the * RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
*
RSAES_OAEP_SHA_1 — Supported for all types of key material, except * RSA key material (private key).

You cannot use the RSAES_OAEP_SHA_1 * wrapping algorithm with the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key * material.
RSAES_PKCS1_V1_5 (Deprecated) — Supported * only for symmetric encryption key material (and only in legacy mode).

*/ inline void SetWrappingAlgorithm(AlgorithmSpec&& value) { m_wrappingAlgorithmHasBeenSet = true; m_wrappingAlgorithm = std::move(value); } /** *

The wrapping algorithms that * you can use depend on the type of key material that you are importing. To import * an RSA private key, you must use an RSA_AES wrapping algorithm.

*
RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and ECC key * material.
RSA_AES_KEY_WRAP_SHA_1 — Supported for * wrapping RSA and ECC key material.
RSAES_OAEP_SHA_256 * — Supported for all types of key material, except RSA key material (private * key).

You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with the * RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
*
RSAES_OAEP_SHA_1 — Supported for all types of key material, except * RSA key material (private key).

You cannot use the RSAES_OAEP_SHA_1 * wrapping algorithm with the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key * material.
RSAES_PKCS1_V1_5 (Deprecated) — Supported * only for symmetric encryption key material (and only in legacy mode).

*/ inline GetParametersForImportRequest& WithWrappingAlgorithm(const AlgorithmSpec& value) { SetWrappingAlgorithm(value); return *this;} /** *

The wrapping algorithms that * you can use depend on the type of key material that you are importing. To import * an RSA private key, you must use an RSA_AES wrapping algorithm.

*
RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and ECC key * material.
RSA_AES_KEY_WRAP_SHA_1 — Supported for * wrapping RSA and ECC key material.
RSAES_OAEP_SHA_256 * — Supported for all types of key material, except RSA key material (private * key).

You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with the * RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
*
RSAES_OAEP_SHA_1 — Supported for all types of key material, except * RSA key material (private key).

You cannot use the RSAES_OAEP_SHA_1 * wrapping algorithm with the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key * material.
RSAES_PKCS1_V1_5 (Deprecated) — Supported * only for symmetric encryption key material (and only in legacy mode).

*/ inline GetParametersForImportRequest& WithWrappingAlgorithm(AlgorithmSpec&& value) { SetWrappingAlgorithm(std::move(value)); return *this;} /** *

The type of RSA public key to return in the response. You will use this * wrapping key with the specified wrapping algorithm to protect your key material * during import.

Use the longest RSA wrapping key that is practical.

You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 * private key. Instead, use an RSA_AES wrapping algorithm or choose a longer RSA * public key.

*/ inline const WrappingKeySpec& GetWrappingKeySpec() const{ return m_wrappingKeySpec; } /** *

The type of RSA public key to return in the response. You will use this * wrapping key with the specified wrapping algorithm to protect your key material * during import.

Use the longest RSA wrapping key that is practical.

You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 * private key. Instead, use an RSA_AES wrapping algorithm or choose a longer RSA * public key.

*/ inline bool WrappingKeySpecHasBeenSet() const { return m_wrappingKeySpecHasBeenSet; } /** *

The type of RSA public key to return in the response. You will use this * wrapping key with the specified wrapping algorithm to protect your key material * during import.

Use the longest RSA wrapping key that is practical.

You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 * private key. Instead, use an RSA_AES wrapping algorithm or choose a longer RSA * public key.

*/ inline void SetWrappingKeySpec(const WrappingKeySpec& value) { m_wrappingKeySpecHasBeenSet = true; m_wrappingKeySpec = value; } /** *

The type of RSA public key to return in the response. You will use this * wrapping key with the specified wrapping algorithm to protect your key material * during import.

Use the longest RSA wrapping key that is practical.

You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 * private key. Instead, use an RSA_AES wrapping algorithm or choose a longer RSA * public key.

*/ inline void SetWrappingKeySpec(WrappingKeySpec&& value) { m_wrappingKeySpecHasBeenSet = true; m_wrappingKeySpec = std::move(value); } /** *

The type of RSA public key to return in the response. You will use this * wrapping key with the specified wrapping algorithm to protect your key material * during import.

Use the longest RSA wrapping key that is practical.

You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 * private key. Instead, use an RSA_AES wrapping algorithm or choose a longer RSA * public key.

*/ inline GetParametersForImportRequest& WithWrappingKeySpec(const WrappingKeySpec& value) { SetWrappingKeySpec(value); return *this;} /** *

The type of RSA public key to return in the response. You will use this * wrapping key with the specified wrapping algorithm to protect your key material * during import.

Use the longest RSA wrapping key that is practical.

You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 * private key. Instead, use an RSA_AES wrapping algorithm or choose a longer RSA * public key.

*/ inline GetParametersForImportRequest& WithWrappingKeySpec(WrappingKeySpec&& value) { SetWrappingKeySpec(std::move(value)); return *this;} private: Aws::String m_keyId; bool m_keyIdHasBeenSet = false; AlgorithmSpec m_wrappingAlgorithm; bool m_wrappingAlgorithmHasBeenSet = false; WrappingKeySpec m_wrappingKeySpec; bool m_wrappingKeySpecHasBeenSet = false; }; } // namespace Model } // namespace KMS } // namespace Aws