/* * Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with * the License. A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions * and limitations under the License. */ package com.amazonaws.services.accessanalyzer.model; import java.io.Serializable; import javax.annotation.Generated; import com.amazonaws.protocol.StructuredPojo; import com.amazonaws.protocol.ProtocolMarshaller; /** *

* Use this structure to propose allowing cryptographic * operations in the grant only when the operation request includes the specified encryption context. * You can specify only one type of encryption context. An empty map is treated as not specified. For more information, * see GrantConstraints. *

* * @see AWS * API Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class KmsGrantConstraints implements Serializable, Cloneable, StructuredPojo { /** *

* A list of key-value pairs that must match the encryption context in the cryptographic * operation request. The grant allows the operation only when the encryption context in the request is the same * as the encryption context specified in this constraint. *

*/ private java.util.Map encryptionContextEquals; /** *

* A list of key-value pairs that must be included in the encryption context of the cryptographic * operation request. The grant allows the cryptographic operation only when the encryption context in the * request includes the key-value pairs specified in this constraint, although it can include additional key-value * pairs. *

*/ private java.util.Map encryptionContextSubset; /** *

* * @return A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in * the request is the same as the encryption context specified in this constraint. */ public java.util.Map getEncryptionContextEquals() { return encryptionContextEquals; } /** *

* * @param encryptionContextEquals * A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in * the request is the same as the encryption context specified in this constraint. * @return Returns a reference to this object so that method calls can be chained together. */ public KmsGrantConstraints withEncryptionContextEquals(java.util.Map encryptionContextEquals) { setEncryptionContextEquals(encryptionContextEquals); return this; } /** * Add a single EncryptionContextEquals entry * * @see KmsGrantConstraints#withEncryptionContextEquals * @returns a reference to this object so that method calls can be chained together. */ public KmsGrantConstraints addEncryptionContextEqualsEntry(String key, String value) { if (null == this.encryptionContextEquals) { this.encryptionContextEquals = new java.util.HashMap(); } if (this.encryptionContextEquals.containsKey(key)) throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided."); this.encryptionContextEquals.put(key, value); return this; } /** * Removes all the entries added into EncryptionContextEquals. * * @return Returns a reference to this object so that method calls can be chained together. */ public KmsGrantConstraints clearEncryptionContextEqualsEntries() { this.encryptionContextEquals = null; return this; } /** *

* * @return A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the * encryption context in the request includes the key-value pairs specified in this constraint, although it * can include additional key-value pairs. */ public java.util.Map getEncryptionContextSubset() { return encryptionContextSubset; } /** *

* * @param encryptionContextSubset * A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the * encryption context in the request includes the key-value pairs specified in this constraint, although it * can include additional key-value pairs. * @return Returns a reference to this object so that method calls can be chained together. */ public KmsGrantConstraints withEncryptionContextSubset(java.util.Map encryptionContextSubset) { setEncryptionContextSubset(encryptionContextSubset); return this; } /** * Add a single EncryptionContextSubset entry * * @see KmsGrantConstraints#withEncryptionContextSubset * @returns a reference to this object so that method calls can be chained together. */ public KmsGrantConstraints addEncryptionContextSubsetEntry(String key, String value) { if (null == this.encryptionContextSubset) { this.encryptionContextSubset = new java.util.HashMap(); } if (this.encryptionContextSubset.containsKey(key)) throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided."); this.encryptionContextSubset.put(key, value); return this; } /** * Removes all the entries added into EncryptionContextSubset. * * @return Returns a reference to this object so that method calls can be chained together. */ public KmsGrantConstraints clearEncryptionContextSubsetEntries() { this.encryptionContextSubset = null; return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getEncryptionContextEquals() != null) sb.append("EncryptionContextEquals: ").append(getEncryptionContextEquals()).append(","); if (getEncryptionContextSubset() != null) sb.append("EncryptionContextSubset: ").append(getEncryptionContextSubset()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof KmsGrantConstraints == false) return false; KmsGrantConstraints other = (KmsGrantConstraints) obj; if (other.getEncryptionContextEquals() == null ^ this.getEncryptionContextEquals() == null) return false; if (other.getEncryptionContextEquals() != null && other.getEncryptionContextEquals().equals(this.getEncryptionContextEquals()) == false) return false; if (other.getEncryptionContextSubset() == null ^ this.getEncryptionContextSubset() == null) return false; if (other.getEncryptionContextSubset() != null && other.getEncryptionContextSubset().equals(this.getEncryptionContextSubset()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getEncryptionContextEquals() == null) ? 0 : getEncryptionContextEquals().hashCode()); hashCode = prime * hashCode + ((getEncryptionContextSubset() == null) ? 0 : getEncryptionContextSubset().hashCode()); return hashCode; } @Override public KmsGrantConstraints clone() { try { return (KmsGrantConstraints) super.clone(); } catch (CloneNotSupportedException e) { throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e); } } @com.amazonaws.annotation.SdkInternalApi @Override public void marshall(ProtocolMarshaller protocolMarshaller) { com.amazonaws.services.accessanalyzer.model.transform.KmsGrantConstraintsMarshaller.getInstance().marshall(this, protocolMarshaller); } }