/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include namespace Aws { namespace Utils { namespace Json { class JsonValue; class JsonView; } // namespace Json } // namespace Utils namespace QLDB { namespace Model { /** *

Information about the encryption of data at rest in an Amazon QLDB ledger. * This includes the current status, the key in Key Management Service (KMS), and * when the key became inaccessible (in the case of an error).

For more * information, see Encryption * at rest in the Amazon QLDB Developer Guide.

See Also:

* AWS * API Reference

*/ class LedgerEncryptionDescription { public: AWS_QLDB_API LedgerEncryptionDescription(); AWS_QLDB_API LedgerEncryptionDescription(Aws::Utils::Json::JsonView jsonValue); AWS_QLDB_API LedgerEncryptionDescription& operator=(Aws::Utils::Json::JsonView jsonValue); AWS_QLDB_API Aws::Utils::Json::JsonValue Jsonize() const; /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline const Aws::String& GetKmsKeyArn() const{ return m_kmsKeyArn; } /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline bool KmsKeyArnHasBeenSet() const { return m_kmsKeyArnHasBeenSet; } /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline void SetKmsKeyArn(const Aws::String& value) { m_kmsKeyArnHasBeenSet = true; m_kmsKeyArn = value; } /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline void SetKmsKeyArn(Aws::String&& value) { m_kmsKeyArnHasBeenSet = true; m_kmsKeyArn = std::move(value); } /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline void SetKmsKeyArn(const char* value) { m_kmsKeyArnHasBeenSet = true; m_kmsKeyArn.assign(value); } /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline LedgerEncryptionDescription& WithKmsKeyArn(const Aws::String& value) { SetKmsKeyArn(value); return *this;} /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline LedgerEncryptionDescription& WithKmsKeyArn(Aws::String&& value) { SetKmsKeyArn(std::move(value)); return *this;} /** *

The Amazon Resource Name (ARN) of the customer managed KMS key that the * ledger uses for encryption at rest. If this parameter is undefined, the ledger * uses an Amazon Web Services owned KMS key for encryption.

*/ inline LedgerEncryptionDescription& WithKmsKeyArn(const char* value) { SetKmsKeyArn(value); return *this;} /** *

The current state of encryption at rest for the ledger. This can be one of * the following values:

  • ENABLED: Encryption is * fully enabled using the specified key.

  • UPDATING: * The ledger is actively processing the specified key change.

    Key changes * in QLDB are asynchronous. The ledger is fully accessible without any performance * impact while the key change is being processed. The amount of time it takes to * update a key varies depending on the ledger size.

  • * KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not * accessible, and the ledger is impaired. Either the key was disabled or deleted, * or the grants on the key were revoked. When a ledger is impaired, it is not * accessible and does not accept any read or write requests.

    An impaired * ledger automatically returns to an active state after you restore the grants on * the key, or re-enable the key that was disabled. However, deleting a customer * managed KMS key is irreversible. After a key is deleted, you can no longer * access the ledgers that are protected with that key, and the data becomes * unrecoverable permanently.

*/ inline const EncryptionStatus& GetEncryptionStatus() const{ return m_encryptionStatus; } /** *

The current state of encryption at rest for the ledger. This can be one of * the following values:

  • ENABLED: Encryption is * fully enabled using the specified key.

  • UPDATING: * The ledger is actively processing the specified key change.

    Key changes * in QLDB are asynchronous. The ledger is fully accessible without any performance * impact while the key change is being processed. The amount of time it takes to * update a key varies depending on the ledger size.

  • * KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not * accessible, and the ledger is impaired. Either the key was disabled or deleted, * or the grants on the key were revoked. When a ledger is impaired, it is not * accessible and does not accept any read or write requests.

    An impaired * ledger automatically returns to an active state after you restore the grants on * the key, or re-enable the key that was disabled. However, deleting a customer * managed KMS key is irreversible. After a key is deleted, you can no longer * access the ledgers that are protected with that key, and the data becomes * unrecoverable permanently.

*/ inline bool EncryptionStatusHasBeenSet() const { return m_encryptionStatusHasBeenSet; } /** *

The current state of encryption at rest for the ledger. This can be one of * the following values:

  • ENABLED: Encryption is * fully enabled using the specified key.

  • UPDATING: * The ledger is actively processing the specified key change.

    Key changes * in QLDB are asynchronous. The ledger is fully accessible without any performance * impact while the key change is being processed. The amount of time it takes to * update a key varies depending on the ledger size.

  • * KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not * accessible, and the ledger is impaired. Either the key was disabled or deleted, * or the grants on the key were revoked. When a ledger is impaired, it is not * accessible and does not accept any read or write requests.

    An impaired * ledger automatically returns to an active state after you restore the grants on * the key, or re-enable the key that was disabled. However, deleting a customer * managed KMS key is irreversible. After a key is deleted, you can no longer * access the ledgers that are protected with that key, and the data becomes * unrecoverable permanently.

*/ inline void SetEncryptionStatus(const EncryptionStatus& value) { m_encryptionStatusHasBeenSet = true; m_encryptionStatus = value; } /** *

The current state of encryption at rest for the ledger. This can be one of * the following values:

  • ENABLED: Encryption is * fully enabled using the specified key.

  • UPDATING: * The ledger is actively processing the specified key change.

    Key changes * in QLDB are asynchronous. The ledger is fully accessible without any performance * impact while the key change is being processed. The amount of time it takes to * update a key varies depending on the ledger size.

  • * KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not * accessible, and the ledger is impaired. Either the key was disabled or deleted, * or the grants on the key were revoked. When a ledger is impaired, it is not * accessible and does not accept any read or write requests.

    An impaired * ledger automatically returns to an active state after you restore the grants on * the key, or re-enable the key that was disabled. However, deleting a customer * managed KMS key is irreversible. After a key is deleted, you can no longer * access the ledgers that are protected with that key, and the data becomes * unrecoverable permanently.

*/ inline void SetEncryptionStatus(EncryptionStatus&& value) { m_encryptionStatusHasBeenSet = true; m_encryptionStatus = std::move(value); } /** *

The current state of encryption at rest for the ledger. This can be one of * the following values:

  • ENABLED: Encryption is * fully enabled using the specified key.

  • UPDATING: * The ledger is actively processing the specified key change.

    Key changes * in QLDB are asynchronous. The ledger is fully accessible without any performance * impact while the key change is being processed. The amount of time it takes to * update a key varies depending on the ledger size.

  • * KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not * accessible, and the ledger is impaired. Either the key was disabled or deleted, * or the grants on the key were revoked. When a ledger is impaired, it is not * accessible and does not accept any read or write requests.

    An impaired * ledger automatically returns to an active state after you restore the grants on * the key, or re-enable the key that was disabled. However, deleting a customer * managed KMS key is irreversible. After a key is deleted, you can no longer * access the ledgers that are protected with that key, and the data becomes * unrecoverable permanently.

*/ inline LedgerEncryptionDescription& WithEncryptionStatus(const EncryptionStatus& value) { SetEncryptionStatus(value); return *this;} /** *

The current state of encryption at rest for the ledger. This can be one of * the following values:

  • ENABLED: Encryption is * fully enabled using the specified key.

  • UPDATING: * The ledger is actively processing the specified key change.

    Key changes * in QLDB are asynchronous. The ledger is fully accessible without any performance * impact while the key change is being processed. The amount of time it takes to * update a key varies depending on the ledger size.

  • * KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not * accessible, and the ledger is impaired. Either the key was disabled or deleted, * or the grants on the key were revoked. When a ledger is impaired, it is not * accessible and does not accept any read or write requests.

    An impaired * ledger automatically returns to an active state after you restore the grants on * the key, or re-enable the key that was disabled. However, deleting a customer * managed KMS key is irreversible. After a key is deleted, you can no longer * access the ledgers that are protected with that key, and the data becomes * unrecoverable permanently.

*/ inline LedgerEncryptionDescription& WithEncryptionStatus(EncryptionStatus&& value) { SetEncryptionStatus(std::move(value)); return *this;} /** *

The date and time, in epoch time format, when the KMS key first became * inaccessible, in the case of an error. (Epoch time format is the number of * seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)

This * parameter is undefined if the KMS key is accessible.

*/ inline const Aws::Utils::DateTime& GetInaccessibleKmsKeyDateTime() const{ return m_inaccessibleKmsKeyDateTime; } /** *

The date and time, in epoch time format, when the KMS key first became * inaccessible, in the case of an error. (Epoch time format is the number of * seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)

This * parameter is undefined if the KMS key is accessible.

*/ inline bool InaccessibleKmsKeyDateTimeHasBeenSet() const { return m_inaccessibleKmsKeyDateTimeHasBeenSet; } /** *

The date and time, in epoch time format, when the KMS key first became * inaccessible, in the case of an error. (Epoch time format is the number of * seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)

This * parameter is undefined if the KMS key is accessible.

*/ inline void SetInaccessibleKmsKeyDateTime(const Aws::Utils::DateTime& value) { m_inaccessibleKmsKeyDateTimeHasBeenSet = true; m_inaccessibleKmsKeyDateTime = value; } /** *

The date and time, in epoch time format, when the KMS key first became * inaccessible, in the case of an error. (Epoch time format is the number of * seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)

This * parameter is undefined if the KMS key is accessible.

*/ inline void SetInaccessibleKmsKeyDateTime(Aws::Utils::DateTime&& value) { m_inaccessibleKmsKeyDateTimeHasBeenSet = true; m_inaccessibleKmsKeyDateTime = std::move(value); } /** *

The date and time, in epoch time format, when the KMS key first became * inaccessible, in the case of an error. (Epoch time format is the number of * seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)

This * parameter is undefined if the KMS key is accessible.

*/ inline LedgerEncryptionDescription& WithInaccessibleKmsKeyDateTime(const Aws::Utils::DateTime& value) { SetInaccessibleKmsKeyDateTime(value); return *this;} /** *

The date and time, in epoch time format, when the KMS key first became * inaccessible, in the case of an error. (Epoch time format is the number of * seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)

This * parameter is undefined if the KMS key is accessible.

*/ inline LedgerEncryptionDescription& WithInaccessibleKmsKeyDateTime(Aws::Utils::DateTime&& value) { SetInaccessibleKmsKeyDateTime(std::move(value)); return *this;} private: Aws::String m_kmsKeyArn; bool m_kmsKeyArnHasBeenSet = false; EncryptionStatus m_encryptionStatus; bool m_encryptionStatusHasBeenSet = false; Aws::Utils::DateTime m_inaccessibleKmsKeyDateTime; bool m_inaccessibleKmsKeyDateTimeHasBeenSet = false; }; } // namespace Model } // namespace QLDB } // namespace Aws