* The data structure used by the Data Catalog to encrypt the password as part of CreateConnection or
* UpdateConnection and store it in the ENCRYPTED_PASSWORD field in the connection properties.
* You can enable catalog encryption or only password encryption.
*
* When a CreationConnection request arrives containing a password, the Data Catalog first encrypts the
* password using your KMS key. It then encrypts the whole connection object again if catalog encryption is also
* enabled.
*
* This encryption requires that you set KMS key permissions to enable or restrict access on the password key according * to your security requirements. For example, you might want only administrators to have decrypt permission on the * password key. *
* * @see AWS * API Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class ConnectionPasswordEncryption implements Serializable, Cloneable, StructuredPojo { /** *
* When the ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted in the
* responses of GetConnection and GetConnections. This encryption takes effect
* independently from catalog encryption.
*
* An KMS key that is used to encrypt the connection password. *
*
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS key, to
* encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your security * requirements. *
*/ private String awsKmsKeyId; /** *
* When the ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted in the
* responses of GetConnection and GetConnections. This encryption takes effect
* independently from catalog encryption.
*
ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted
* in the responses of GetConnection and GetConnections. This encryption takes
* effect independently from catalog encryption.
*/
public void setReturnConnectionPasswordEncrypted(Boolean returnConnectionPasswordEncrypted) {
this.returnConnectionPasswordEncrypted = returnConnectionPasswordEncrypted;
}
/**
*
* When the ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted in the
* responses of GetConnection and GetConnections. This encryption takes effect
* independently from catalog encryption.
*
ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted
* in the responses of GetConnection and GetConnections. This encryption takes
* effect independently from catalog encryption.
*/
public Boolean getReturnConnectionPasswordEncrypted() {
return this.returnConnectionPasswordEncrypted;
}
/**
*
* When the ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted in the
* responses of GetConnection and GetConnections. This encryption takes effect
* independently from catalog encryption.
*
ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted
* in the responses of GetConnection and GetConnections. This encryption takes
* effect independently from catalog encryption.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ConnectionPasswordEncryption withReturnConnectionPasswordEncrypted(Boolean returnConnectionPasswordEncrypted) {
setReturnConnectionPasswordEncrypted(returnConnectionPasswordEncrypted);
return this;
}
/**
*
* When the ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted in the
* responses of GetConnection and GetConnections. This encryption takes effect
* independently from catalog encryption.
*
ReturnConnectionPasswordEncrypted flag is set to "true", passwords remain encrypted
* in the responses of GetConnection and GetConnections. This encryption takes
* effect independently from catalog encryption.
*/
public Boolean isReturnConnectionPasswordEncrypted() {
return this.returnConnectionPasswordEncrypted;
}
/**
* * An KMS key that is used to encrypt the connection password. *
*
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS key, to
* encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your security * requirements. *
* * @param awsKmsKeyId * An KMS key that is used to encrypt the connection password. *
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS key,
* to encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your * security requirements. */ public void setAwsKmsKeyId(String awsKmsKeyId) { this.awsKmsKeyId = awsKmsKeyId; } /** *
* An KMS key that is used to encrypt the connection password. *
*
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS key, to
* encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your security * requirements. *
* * @return An KMS key that is used to encrypt the connection password. *
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS
* key, to encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your * security requirements. */ public String getAwsKmsKeyId() { return this.awsKmsKeyId; } /** *
* An KMS key that is used to encrypt the connection password. *
*
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS key, to
* encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your security * requirements. *
* * @param awsKmsKeyId * An KMS key that is used to encrypt the connection password. *
* If connection password protection is enabled, the caller of CreateConnection and
* UpdateConnection needs at least kms:Encrypt permission on the specified KMS key,
* to encrypt passwords before storing them in the Data Catalog.
*
* You can set the decrypt permission to enable or restrict access on the password key according to your * security requirements. * @return Returns a reference to this object so that method calls can be chained together. */ public ConnectionPasswordEncryption withAwsKmsKeyId(String awsKmsKeyId) { setAwsKmsKeyId(awsKmsKeyId); return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getReturnConnectionPasswordEncrypted() != null) sb.append("ReturnConnectionPasswordEncrypted: ").append(getReturnConnectionPasswordEncrypted()).append(","); if (getAwsKmsKeyId() != null) sb.append("AwsKmsKeyId: ").append(getAwsKmsKeyId()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof ConnectionPasswordEncryption == false) return false; ConnectionPasswordEncryption other = (ConnectionPasswordEncryption) obj; if (other.getReturnConnectionPasswordEncrypted() == null ^ this.getReturnConnectionPasswordEncrypted() == null) return false; if (other.getReturnConnectionPasswordEncrypted() != null && other.getReturnConnectionPasswordEncrypted().equals(this.getReturnConnectionPasswordEncrypted()) == false) return false; if (other.getAwsKmsKeyId() == null ^ this.getAwsKmsKeyId() == null) return false; if (other.getAwsKmsKeyId() != null && other.getAwsKmsKeyId().equals(this.getAwsKmsKeyId()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getReturnConnectionPasswordEncrypted() == null) ? 0 : getReturnConnectionPasswordEncrypted().hashCode()); hashCode = prime * hashCode + ((getAwsKmsKeyId() == null) ? 0 : getAwsKmsKeyId().hashCode()); return hashCode; } @Override public ConnectionPasswordEncryption clone() { try { return (ConnectionPasswordEncryption) super.clone(); } catch (CloneNotSupportedException e) { throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e); } } @com.amazonaws.annotation.SdkInternalApi @Override public void marshall(ProtocolMarshaller protocolMarshaller) { com.amazonaws.services.glue.model.transform.ConnectionPasswordEncryptionMarshaller.getInstance().marshall(this, protocolMarshaller); } }