/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include namespace Aws { namespace KMS { namespace Model { /** */ class PutKeyPolicyRequest : public KMSRequest { public: AWS_KMS_API PutKeyPolicyRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "PutKeyPolicy"; } AWS_KMS_API Aws::String SerializePayload() const override; AWS_KMS_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline const Aws::String& GetKeyId() const{ return m_keyId; } /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline bool KeyIdHasBeenSet() const { return m_keyIdHasBeenSet; } /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline void SetKeyId(const Aws::String& value) { m_keyIdHasBeenSet = true; m_keyId = value; } /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline void SetKeyId(Aws::String&& value) { m_keyIdHasBeenSet = true; m_keyId = std::move(value); } /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline void SetKeyId(const char* value) { m_keyIdHasBeenSet = true; m_keyId.assign(value); } /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline PutKeyPolicyRequest& WithKeyId(const Aws::String& value) { SetKeyId(value); return *this;} /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline PutKeyPolicyRequest& WithKeyId(Aws::String&& value) { SetKeyId(std::move(value)); return *this;} /** *

Sets the key policy on the specified KMS key.

Specify the key ID or * key ARN of the KMS key.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey.

*/ inline PutKeyPolicyRequest& WithKeyId(const char* value) { SetKeyId(value); return *this;} /** *

The name of the key policy. The only valid value is default.

*/ inline const Aws::String& GetPolicyName() const{ return m_policyName; } /** *

The name of the key policy. The only valid value is default.

*/ inline bool PolicyNameHasBeenSet() const { return m_policyNameHasBeenSet; } /** *

The name of the key policy. The only valid value is default.

*/ inline void SetPolicyName(const Aws::String& value) { m_policyNameHasBeenSet = true; m_policyName = value; } /** *

The name of the key policy. The only valid value is default.

*/ inline void SetPolicyName(Aws::String&& value) { m_policyNameHasBeenSet = true; m_policyName = std::move(value); } /** *

The name of the key policy. The only valid value is default.

*/ inline void SetPolicyName(const char* value) { m_policyNameHasBeenSet = true; m_policyName.assign(value); } /** *

The name of the key policy. The only valid value is default.

*/ inline PutKeyPolicyRequest& WithPolicyName(const Aws::String& value) { SetPolicyName(value); return *this;} /** *

The name of the key policy. The only valid value is default.

*/ inline PutKeyPolicyRequest& WithPolicyName(Aws::String&& value) { SetPolicyName(std::move(value)); return *this;} /** *

The name of the key policy. The only valid value is default.

*/ inline PutKeyPolicyRequest& WithPolicyName(const char* value) { SetPolicyName(value); return *this;} /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

For information about key policies, see Key * policies in KMS in the Key Management Service Developer Guide.For * help writing and formatting a JSON policy document, see the IAM * JSON Policy Reference in the Identity and Access Management User * Guide .

*/ inline const Aws::String& GetPolicy() const{ return m_policy; } /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline bool PolicyHasBeenSet() const { return m_policyHasBeenSet; } /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline void SetPolicy(const Aws::String& value) { m_policyHasBeenSet = true; m_policy = value; } /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline void SetPolicy(Aws::String&& value) { m_policyHasBeenSet = true; m_policy = std::move(value); } /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline void SetPolicy(const char* value) { m_policyHasBeenSet = true; m_policy.assign(value); } /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline PutKeyPolicyRequest& WithPolicy(const Aws::String& value) { SetPolicy(value); return *this;} /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline PutKeyPolicyRequest& WithPolicy(Aws::String&& value) { SetPolicy(std::move(value)); return *this;} /** *

The key policy to attach to the KMS key.

The key policy must meet the * following criteria:

The key policy must allow the calling * principal to make a subsequent PutKeyPolicy request on the KMS key. * This reduces the risk that the KMS key becomes unmanageable. For more * information, see Default * key policy in the Key Management Service Developer Guide. (To omit * this condition, set BypassPolicyLockoutSafetyCheck to true.)
*
Each statement in the key policy must contain one or more * principals. The principals in the key policy must exist and be visible to KMS. * When you create a new Amazon Web Services principal, you might need to enforce a * delay before including the new principal in a key policy because the new * principal might not be immediately visible to KMS. For more information, see Changes * that I make are not always immediately visible in the Amazon Web Services * Identity and Access Management User Guide.

A key policy * document can include only the following characters:

Printable * ASCII characters from the space character (\u0020) through the end * of the ASCII character range.
Printable characters in the * Basic Latin and Latin-1 Supplement character set (through * \u00FF).
The tab (\u0009), line feed * (\u000A), and carriage return (\u000D) special * characters

*/ inline PutKeyPolicyRequest& WithPolicy(const char* value) { SetPolicy(value); return *this;} /** *

Skips ("bypasses") the key policy lockout safety check. The default value is * false.

Setting this value to true increases the risk that the * KMS key becomes unmanageable. Do not set this value to true * indiscriminately.

For more information, see Default * key policy in the Key Management Service Developer Guide.

Use this parameter only when you intend to prevent the principal * that is making the request from making a subsequent PutKeyPolicy request * on the KMS key.

*/ inline bool GetBypassPolicyLockoutSafetyCheck() const{ return m_bypassPolicyLockoutSafetyCheck; } /** *

Skips ("bypasses") the key policy lockout safety check. The default value is * false.

Setting this value to true increases the risk that the * KMS key becomes unmanageable. Do not set this value to true * indiscriminately.

For more information, see Default * key policy in the Key Management Service Developer Guide.

Use this parameter only when you intend to prevent the principal * that is making the request from making a subsequent PutKeyPolicy request * on the KMS key.

*/ inline bool BypassPolicyLockoutSafetyCheckHasBeenSet() const { return m_bypassPolicyLockoutSafetyCheckHasBeenSet; } /** *

Skips ("bypasses") the key policy lockout safety check. The default value is * false.

Setting this value to true increases the risk that the * KMS key becomes unmanageable. Do not set this value to true * indiscriminately.

For more information, see Default * key policy in the Key Management Service Developer Guide.

Use this parameter only when you intend to prevent the principal * that is making the request from making a subsequent PutKeyPolicy request * on the KMS key.

*/ inline void SetBypassPolicyLockoutSafetyCheck(bool value) { m_bypassPolicyLockoutSafetyCheckHasBeenSet = true; m_bypassPolicyLockoutSafetyCheck = value; } /** *

Skips ("bypasses") the key policy lockout safety check. The default value is * false.

Setting this value to true increases the risk that the * KMS key becomes unmanageable. Do not set this value to true * indiscriminately.

For more information, see Default * key policy in the Key Management Service Developer Guide.

Use this parameter only when you intend to prevent the principal * that is making the request from making a subsequent PutKeyPolicy request * on the KMS key.

*/ inline PutKeyPolicyRequest& WithBypassPolicyLockoutSafetyCheck(bool value) { SetBypassPolicyLockoutSafetyCheck(value); return *this;} private: Aws::String m_keyId; bool m_keyIdHasBeenSet = false; Aws::String m_policyName; bool m_policyNameHasBeenSet = false; Aws::String m_policy; bool m_policyHasBeenSet = false; bool m_bypassPolicyLockoutSafetyCheck; bool m_bypassPolicyLockoutSafetyCheckHasBeenSet = false; }; } // namespace Model } // namespace KMS } // namespace Aws