/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include #include namespace Aws { namespace KMS { namespace Model { /** */ class ReEncryptRequest : public KMSRequest { public: AWS_KMS_API ReEncryptRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "ReEncrypt"; } AWS_KMS_API Aws::String SerializePayload() const override; AWS_KMS_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

Ciphertext of the data to reencrypt.

*/ inline const Aws::Utils::ByteBuffer& GetCiphertextBlob() const{ return m_ciphertextBlob; } /** *

Ciphertext of the data to reencrypt.

*/ inline bool CiphertextBlobHasBeenSet() const { return m_ciphertextBlobHasBeenSet; } /** *

Ciphertext of the data to reencrypt.

*/ inline void SetCiphertextBlob(const Aws::Utils::ByteBuffer& value) { m_ciphertextBlobHasBeenSet = true; m_ciphertextBlob = value; } /** *

Ciphertext of the data to reencrypt.

*/ inline void SetCiphertextBlob(Aws::Utils::ByteBuffer&& value) { m_ciphertextBlobHasBeenSet = true; m_ciphertextBlob = std::move(value); } /** *

Ciphertext of the data to reencrypt.

*/ inline ReEncryptRequest& WithCiphertextBlob(const Aws::Utils::ByteBuffer& value) { SetCiphertextBlob(value); return *this;} /** *

Ciphertext of the data to reencrypt.

*/ inline ReEncryptRequest& WithCiphertextBlob(Aws::Utils::ByteBuffer&& value) { SetCiphertextBlob(std::move(value)); return *this;} /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

An * encryption context is a collection of non-secret key-value pairs that * represent additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is supported only * on operations with symmetric encryption KMS keys. On operations with symmetric * encryption KMS keys, an encryption context is optional, but it is strongly * recommended.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline const Aws::Map& GetSourceEncryptionContext() const{ return m_sourceEncryptionContext; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline bool SourceEncryptionContextHasBeenSet() const { return m_sourceEncryptionContextHasBeenSet; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline void SetSourceEncryptionContext(const Aws::Map& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext = value; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline void SetSourceEncryptionContext(Aws::Map&& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext = std::move(value); } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& WithSourceEncryptionContext(const Aws::Map& value) { SetSourceEncryptionContext(value); return *this;} /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& WithSourceEncryptionContext(Aws::Map&& value) { SetSourceEncryptionContext(std::move(value)); return *this;} /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(const Aws::String& key, const Aws::String& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(key, value); return *this; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(Aws::String&& key, const Aws::String& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(const Aws::String& key, Aws::String&& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(Aws::String&& key, Aws::String&& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(std::move(key), std::move(value)); return *this; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(const char* key, Aws::String&& value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(Aws::String&& key, const char* value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies the encryption context to use to decrypt the ciphertext. Enter the * same encryption context that was used to encrypt the ciphertext.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddSourceEncryptionContext(const char* key, const char* value) { m_sourceEncryptionContextHasBeenSet = true; m_sourceEncryptionContext.emplace(key, value); return *this; } /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

This parameter is * required only when the ciphertext was encrypted under an asymmetric KMS key. If * you used a symmetric encryption KMS key, KMS can get the KMS key from metadata * that it adds to the symmetric ciphertext blob. However, it is always recommended * as a best practice. This practice ensures that you use the KMS key that you * intend.

To specify a KMS key, use its key ID, key ARN, alias name, or * alias ARN. When using an alias name, prefix it with "alias/". To * specify a KMS key in a different Amazon Web Services account, you must use the * key ARN or alias ARN.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline const Aws::String& GetSourceKeyId() const{ return m_sourceKeyId; } /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline bool SourceKeyIdHasBeenSet() const { return m_sourceKeyIdHasBeenSet; } /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetSourceKeyId(const Aws::String& value) { m_sourceKeyIdHasBeenSet = true; m_sourceKeyId = value; } /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetSourceKeyId(Aws::String&& value) { m_sourceKeyIdHasBeenSet = true; m_sourceKeyId = std::move(value); } /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetSourceKeyId(const char* value) { m_sourceKeyIdHasBeenSet = true; m_sourceKeyId.assign(value); } /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline ReEncryptRequest& WithSourceKeyId(const Aws::String& value) { SetSourceKeyId(value); return *this;} /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline ReEncryptRequest& WithSourceKeyId(Aws::String&& value) { SetSourceKeyId(std::move(value)); return *this;} /** *

Specifies the KMS key that KMS will use to decrypt the ciphertext before it * is re-encrypted.

Enter a key ID of the KMS key that was used to encrypt * the ciphertext. If you identify a different KMS key, the ReEncrypt * operation throws an IncorrectKeyException.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline ReEncryptRequest& WithSourceKeyId(const char* value) { SetSourceKeyId(value); return *this;} /** *

A unique identifier for the KMS key that is used to reencrypt the data. * Specify a symmetric encryption KMS key or an asymmetric KMS key with a * KeyUsage value of ENCRYPT_DECRYPT. To find the * KeyUsage value of a KMS key, use the DescribeKey * operation.

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline const Aws::String& GetDestinationKeyId() const{ return m_destinationKeyId; } /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline bool DestinationKeyIdHasBeenSet() const { return m_destinationKeyIdHasBeenSet; } /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetDestinationKeyId(const Aws::String& value) { m_destinationKeyIdHasBeenSet = true; m_destinationKeyId = value; } /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetDestinationKeyId(Aws::String&& value) { m_destinationKeyIdHasBeenSet = true; m_destinationKeyId = std::move(value); } /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetDestinationKeyId(const char* value) { m_destinationKeyIdHasBeenSet = true; m_destinationKeyId.assign(value); } /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline ReEncryptRequest& WithDestinationKeyId(const Aws::String& value) { SetDestinationKeyId(value); return *this;} /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline ReEncryptRequest& WithDestinationKeyId(Aws::String&& value) { SetDestinationKeyId(std::move(value)); return *this;} /** *

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline ReEncryptRequest& WithDestinationKeyId(const char* value) { SetDestinationKeyId(value); return *this;} /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

A destination encryption context is valid only when * the destination KMS key is a symmetric encryption KMS key. The standard * ciphertext format for asymmetric KMS keys does not include fields for * metadata.

An encryption context is a collection of non-secret * key-value pairs that represent additional authenticated data. When you use an * encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption * context is supported only on operations with symmetric encryption KMS keys. On * operations with symmetric encryption KMS keys, an encryption context is * optional, but it is strongly recommended.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline const Aws::Map& GetDestinationEncryptionContext() const{ return m_destinationEncryptionContext; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline bool DestinationEncryptionContextHasBeenSet() const { return m_destinationEncryptionContextHasBeenSet; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline void SetDestinationEncryptionContext(const Aws::Map& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext = value; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline void SetDestinationEncryptionContext(Aws::Map&& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext = std::move(value); } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& WithDestinationEncryptionContext(const Aws::Map& value) { SetDestinationEncryptionContext(value); return *this;} /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& WithDestinationEncryptionContext(Aws::Map&& value) { SetDestinationEncryptionContext(std::move(value)); return *this;} /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(const Aws::String& key, const Aws::String& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(key, value); return *this; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(Aws::String&& key, const Aws::String& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(const Aws::String& key, Aws::String&& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(Aws::String&& key, Aws::String&& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(std::move(key), std::move(value)); return *this; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(const char* key, Aws::String&& value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(Aws::String&& key, const char* value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies that encryption context to use when the reencrypting the data.

Do not include confidential or sensitive information in this * field. This field may be displayed in plaintext in CloudTrail logs and other * output.

For more information, see Encryption * context in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& AddDestinationEncryptionContext(const char* key, const char* value) { m_destinationEncryptionContextHasBeenSet = true; m_destinationEncryptionContext.emplace(key, value); return *this; } /** *

Specifies the encryption algorithm that KMS will use to decrypt the * ciphertext before it is reencrypted. The default value, * SYMMETRIC_DEFAULT, represents the algorithm used for symmetric * encryption KMS keys.

Specify the same algorithm that was used to encrypt * the ciphertext. If you specify a different algorithm, the decrypt attempt * fails.

This parameter is required only when the ciphertext was encrypted * under an asymmetric KMS key.

*/ inline const EncryptionAlgorithmSpec& GetSourceEncryptionAlgorithm() const{ return m_sourceEncryptionAlgorithm; } /** *

Specify the same algorithm that was used to encrypt * the ciphertext. If you specify a different algorithm, the decrypt attempt * fails.

This parameter is required only when the ciphertext was encrypted * under an asymmetric KMS key.

*/ inline bool SourceEncryptionAlgorithmHasBeenSet() const { return m_sourceEncryptionAlgorithmHasBeenSet; } /** *

Specify the same algorithm that was used to encrypt * the ciphertext. If you specify a different algorithm, the decrypt attempt * fails.

This parameter is required only when the ciphertext was encrypted * under an asymmetric KMS key.

*/ inline void SetSourceEncryptionAlgorithm(const EncryptionAlgorithmSpec& value) { m_sourceEncryptionAlgorithmHasBeenSet = true; m_sourceEncryptionAlgorithm = value; } /** *

Specify the same algorithm that was used to encrypt * the ciphertext. If you specify a different algorithm, the decrypt attempt * fails.

This parameter is required only when the ciphertext was encrypted * under an asymmetric KMS key.

*/ inline void SetSourceEncryptionAlgorithm(EncryptionAlgorithmSpec&& value) { m_sourceEncryptionAlgorithmHasBeenSet = true; m_sourceEncryptionAlgorithm = std::move(value); } /** *

Specify the same algorithm that was used to encrypt * the ciphertext. If you specify a different algorithm, the decrypt attempt * fails.

This parameter is required only when the ciphertext was encrypted * under an asymmetric KMS key.

*/ inline ReEncryptRequest& WithSourceEncryptionAlgorithm(const EncryptionAlgorithmSpec& value) { SetSourceEncryptionAlgorithm(value); return *this;} /** *

Specify the same algorithm that was used to encrypt * the ciphertext. If you specify a different algorithm, the decrypt attempt * fails.

This parameter is required only when the ciphertext was encrypted * under an asymmetric KMS key.

*/ inline ReEncryptRequest& WithSourceEncryptionAlgorithm(EncryptionAlgorithmSpec&& value) { SetSourceEncryptionAlgorithm(std::move(value)); return *this;} /** *

Specifies the encryption algorithm that KMS will use to reecrypt the data * after it has decrypted it. The default value, SYMMETRIC_DEFAULT, * represents the encryption algorithm used for symmetric encryption KMS keys.

This parameter is required only when the destination KMS key is an asymmetric * KMS key.

*/ inline const EncryptionAlgorithmSpec& GetDestinationEncryptionAlgorithm() const{ return m_destinationEncryptionAlgorithm; } /** *

This parameter is required only when the destination KMS key is an asymmetric * KMS key.

*/ inline bool DestinationEncryptionAlgorithmHasBeenSet() const { return m_destinationEncryptionAlgorithmHasBeenSet; } /** *

This parameter is required only when the destination KMS key is an asymmetric * KMS key.

*/ inline void SetDestinationEncryptionAlgorithm(const EncryptionAlgorithmSpec& value) { m_destinationEncryptionAlgorithmHasBeenSet = true; m_destinationEncryptionAlgorithm = value; } /** *

This parameter is required only when the destination KMS key is an asymmetric * KMS key.

*/ inline void SetDestinationEncryptionAlgorithm(EncryptionAlgorithmSpec&& value) { m_destinationEncryptionAlgorithmHasBeenSet = true; m_destinationEncryptionAlgorithm = std::move(value); } /** *

This parameter is required only when the destination KMS key is an asymmetric * KMS key.

*/ inline ReEncryptRequest& WithDestinationEncryptionAlgorithm(const EncryptionAlgorithmSpec& value) { SetDestinationEncryptionAlgorithm(value); return *this;} /** *

This parameter is required only when the destination KMS key is an asymmetric * KMS key.

*/ inline ReEncryptRequest& WithDestinationEncryptionAlgorithm(EncryptionAlgorithmSpec&& value) { SetDestinationEncryptionAlgorithm(std::move(value)); return *this;} /** *

A list of grant tokens.

Use a grant token when your permission to call * this operation comes from a new grant that has not yet achieved eventual * consistency. For more information, see Grant * token and Using * a grant token in the Key Management Service Developer Guide.

*/ inline const Aws::Vector& GetGrantTokens() const{ return m_grantTokens; } /** *

A list of grant tokens.

*/ inline bool GrantTokensHasBeenSet() const { return m_grantTokensHasBeenSet; } /** *

A list of grant tokens.

*/ inline void SetGrantTokens(const Aws::Vector& value) { m_grantTokensHasBeenSet = true; m_grantTokens = value; } /** *

A list of grant tokens.

*/ inline void SetGrantTokens(Aws::Vector&& value) { m_grantTokensHasBeenSet = true; m_grantTokens = std::move(value); } /** *

A list of grant tokens.

*/ inline ReEncryptRequest& WithGrantTokens(const Aws::Vector& value) { SetGrantTokens(value); return *this;} /** *

A list of grant tokens.

*/ inline ReEncryptRequest& WithGrantTokens(Aws::Vector&& value) { SetGrantTokens(std::move(value)); return *this;} /** *

A list of grant tokens.

*/ inline ReEncryptRequest& AddGrantTokens(const Aws::String& value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(value); return *this; } /** *

A list of grant tokens.

*/ inline ReEncryptRequest& AddGrantTokens(Aws::String&& value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(std::move(value)); return *this; } /** *

A list of grant tokens.

*/ inline ReEncryptRequest& AddGrantTokens(const char* value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(value); return *this; } /** *

Checks if your request will succeed. DryRun is an optional * parameter.

To learn more about how to use this parameter, see Testing * your KMS API calls in the Key Management Service Developer Guide.

*/ inline bool GetDryRun() const{ return m_dryRun; } /** *

Checks if your request will succeed. DryRun is an optional * parameter.

To learn more about how to use this parameter, see Testing * your KMS API calls in the Key Management Service Developer Guide.

*/ inline bool DryRunHasBeenSet() const { return m_dryRunHasBeenSet; } /** *

Checks if your request will succeed. DryRun is an optional * parameter.

To learn more about how to use this parameter, see Testing * your KMS API calls in the Key Management Service Developer Guide.

*/ inline void SetDryRun(bool value) { m_dryRunHasBeenSet = true; m_dryRun = value; } /** *

Checks if your request will succeed. DryRun is an optional * parameter.

To learn more about how to use this parameter, see Testing * your KMS API calls in the Key Management Service Developer Guide.

*/ inline ReEncryptRequest& WithDryRun(bool value) { SetDryRun(value); return *this;} private: Aws::Utils::ByteBuffer m_ciphertextBlob; bool m_ciphertextBlobHasBeenSet = false; Aws::Map m_sourceEncryptionContext; bool m_sourceEncryptionContextHasBeenSet = false; Aws::String m_sourceKeyId; bool m_sourceKeyIdHasBeenSet = false; Aws::String m_destinationKeyId; bool m_destinationKeyIdHasBeenSet = false; Aws::Map m_destinationEncryptionContext; bool m_destinationEncryptionContextHasBeenSet = false; EncryptionAlgorithmSpec m_sourceEncryptionAlgorithm; bool m_sourceEncryptionAlgorithmHasBeenSet = false; EncryptionAlgorithmSpec m_destinationEncryptionAlgorithm; bool m_destinationEncryptionAlgorithmHasBeenSet = false; Aws::Vector m_grantTokens; bool m_grantTokensHasBeenSet = false; bool m_dryRun; bool m_dryRunHasBeenSet = false; }; } // namespace Model } // namespace KMS } // namespace Aws