/* * Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with * the License. A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions * and limitations under the License. */ package com.amazonaws.services.kms.model; import java.io.Serializable; import javax.annotation.Generated; import com.amazonaws.AmazonWebServiceRequest; /** * * @see AWS API * Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class CreateCustomKeyStoreRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable { /** *
* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account * and Region. This parameter is required for all custom key stores. *
** Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *
*
* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with
* CustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *
*/
// Cluster ID of the CloudHSM cluster behind the key store; the Javadoc above marks it as required
// for key stores whose CustomKeyStoreType is AWS_CLOUDHSM.
private String cloudHsmClusterId;

/**
*
* Specifies the certificate for an CloudHSM key store. This parameter is required for custom key stores with a
* CustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
* customerCA.crt
file that you created when you initialized the cluster.
*
* Specifies the kmsuser
password for an CloudHSM key store. This parameter is required for custom key
* stores with a CustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the password of the
* kmsuser
crypto user (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as
* this user to manage key material on your behalf.
*
* The password must be a string of 7 to 32 characters. Its value is case sensitive. *
*
* This parameter tells KMS the kmsuser
account password; it does not change the password in the
* CloudHSM cluster.
*
* Specifies the type of custom key store. The default value is AWS_CLOUDHSM
.
*
* For a custom key store backed by an CloudHSM cluster, omit the parameter or enter AWS_CLOUDHSM
. For
* a custom key store backed by an external key manager outside of Amazon Web Services, enter
* EXTERNAL_KEY_STORE
. You cannot change this property after the key store is created.
*
* Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter
* is required for custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
,
* specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable before
* you create the custom key store. KMS connects to the external key store proxy while creating the custom key
* store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS connects when you call
* the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and lower case
* letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
). Additional slashes (
* /
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS name.
* The XksProxyUriEndpoint
value for external key stores with VPC_ENDPOINT_SERVICE
* connectivity (private DNS name) must be unique in the Amazon Web Services account and Region.
*
* Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation
* for your external key store proxy. This parameter is required for all custom key stores with a
* CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix between
* the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
* Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with
* your external key store proxy (XKS proxy). This parameter is required when the value of
* CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
*
* The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
* Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required
* for all custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements: RawSecretAccessKey
, a
* secret key, and AccessKeyId
, a unique identifier for the RawSecretAccessKey
. For
* character requirements, see
* XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
** This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *
*/
// Credential KMS uses to sign requests to the external key store proxy. Per the Javadoc above it
// contains a RawSecretAccessKey, so handle this field as secret material (no logging, no dumps).
private XksProxyAuthenticationCredentialType xksProxyAuthenticationCredential;

/**
*
* Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key
* stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the external key
* store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *
*/
// Connectivity mode for the external key store proxy; the Javadoc above names PUBLIC_ENDPOINT and
// VPC_ENDPOINT_SERVICE as the values to specify.
private String xksProxyConnectivity;

/**
* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account
* and Region. This parameter is required for all custom key stores.
*
** Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *
** Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *
*/
public void setCustomKeyStoreName(String customKeyStoreName) {
    // The name is stored as given. Per the Javadoc it may be shown in plaintext in CloudTrail logs
    // and other output, so callers must not place confidential data in it.
    this.customKeyStoreName = customKeyStoreName;
}

/**
* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account
* and Region. This parameter is required for all custom key stores.
*
** Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *
** Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *
*/
public String getCustomKeyStoreName() {
    // Plain accessor: hands back whatever the setter stored (null when never set).
    return customKeyStoreName;
}

/**
* Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account
* and Region. This parameter is required for all custom key stores.
*
** Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *
** Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateCustomKeyStoreRequest withCustomKeyStoreName(String customKeyStoreName) {
    // Fluent variant: goes through the setter so both entry points behave the same, then
    // returns this request for chaining.
    this.setCustomKeyStoreName(customKeyStoreName);
    return this;
}

/**
*
* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with
* CustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *
* * @param cloudHsmClusterId * Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key * stores withCustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key
* store. To find the cluster ID, use the DescribeClusters operation.
*/
public void setCloudHsmClusterId(String cloudHsmClusterId) {
    // Stored as given; this class does not check that the ID refers to an active, unassociated cluster.
    this.cloudHsmClusterId = cloudHsmClusterId;
}

/**
*
* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with
* CustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *
* * @return Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key * stores withCustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key
* store. To find the cluster ID, use the DescribeClusters operation.
*/
public String getCloudHsmClusterId() {
    // Plain accessor: hands back whatever the setter stored (null when never set).
    return cloudHsmClusterId;
}

/**
*
* Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key stores with
* CustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key store. To * find the cluster ID, use the DescribeClusters * operation. *
* * @param cloudHsmClusterId * Identifies the CloudHSM cluster for an CloudHSM key store. This parameter is required for custom key * stores withCustomKeyStoreType
of AWS_CLOUDHSM
.
*
* Enter the cluster ID of any active CloudHSM cluster that is not already associated with a custom key
* store. To find the cluster ID, use the DescribeClusters operation.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateCustomKeyStoreRequest withCloudHsmClusterId(String cloudHsmClusterId) {
    // Fluent variant: goes through the setter so both entry points behave the same, then
    // returns this request for chaining.
    this.setCloudHsmClusterId(cloudHsmClusterId);
    return this;
}

/**
*
 * <p>
 * Specifies the certificate for a CloudHSM key store. This parameter is required for custom key stores with a
 * <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
 * <code>customerCA.crt</code> file that you created when you initialized the cluster.
 * </p>
 *
 * @param trustAnchorCertificate
 *        Specifies the certificate for a CloudHSM key store. This parameter is required for custom key stores
 *        with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
 *        <code>customerCA.crt</code> file that you created when you initialized the cluster.
 *        </p>
 */
public void setTrustAnchorCertificate(String trustAnchorCertificate) {
    // Stored verbatim: the certificate content is neither parsed nor validated in this class.
    this.trustAnchorCertificate = trustAnchorCertificate;
}
/**
 * <p>
 * Specifies the certificate for a CloudHSM key store. This parameter is required for custom key stores with a
 * <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
 * <code>customerCA.crt</code> file that you created when you initialized the cluster.
 * </p>
 *
 * @return Specifies the certificate for a CloudHSM key store. This parameter is required for custom key stores
 *         with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 *         <p>
 *         Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
 *         <code>customerCA.crt</code> file that you created when you initialized the cluster.
 *         </p>
 */
public String getTrustAnchorCertificate() {
    // Plain accessor: hands back the certificate content exactly as it was stored (null when never set).
    return trustAnchorCertificate;
}
/**
 * <p>
 * Specifies the certificate for a CloudHSM key store. This parameter is required for custom key stores with a
 * <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
 * <code>customerCA.crt</code> file that you created when you initialized the cluster.
 * </p>
 *
 * @param trustAnchorCertificate
 *        Specifies the certificate for a CloudHSM key store. This parameter is required for custom key stores
 *        with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        Enter the content of the trust anchor certificate for the CloudHSM cluster. This is the content of the
 *        <code>customerCA.crt</code> file that you created when you initialized the cluster.
 *        </p>
 * @return Returns a reference to this object so that method calls can be chained together.
 */
public CreateCustomKeyStoreRequest withTrustAnchorCertificate(String trustAnchorCertificate) {
    // Fluent variant: goes through the setter so both entry points behave the same, then
    // returns this request for chaining.
    this.setTrustAnchorCertificate(trustAnchorCertificate);
    return this;
}
/**
 * <p>
 * Specifies the <code>kmsuser</code> password for a CloudHSM key store. This parameter is required for custom key
 * stores with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * Enter the password of the <code>kmsuser</code> crypto user (CU) account in the specified CloudHSM cluster. KMS
 * logs into the cluster as this user to manage key material on your behalf.
 * </p>
 * <p>
 * The password must be a string of 7 to 32 characters. Its value is case sensitive.
 * </p>
 * <p>
 * This parameter tells KMS the <code>kmsuser</code> account password; it does not change the password in the
 * CloudHSM cluster.
 * </p>
 *
 * @param keyStorePassword
 *        Specifies the <code>kmsuser</code> password for a CloudHSM key store. This parameter is required for
 *        custom key stores with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        Enter the password of the <code>kmsuser</code> crypto user (CU) account in the specified CloudHSM
 *        cluster. KMS logs into the cluster as this user to manage key material on your behalf.
 *        </p>
 *        <p>
 *        The password must be a string of 7 to 32 characters. Its value is case sensitive.
 *        </p>
 *        <p>
 *        This parameter tells KMS the <code>kmsuser</code> account password; it does not change the password in
 *        the CloudHSM cluster.
 *        </p>
 */
public void setKeyStorePassword(String keyStorePassword) {
    // The kmsuser password is kept in memory as an ordinary String, with no length check here.
    // The enclosing class is declared Serializable, so keep request instances out of logs,
    // debug dumps and any persisted or transmitted serialized form.
    this.keyStorePassword = keyStorePassword;
}
/**
 * <p>
 * Specifies the <code>kmsuser</code> password for a CloudHSM key store. This parameter is required for custom key
 * stores with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * Enter the password of the <code>kmsuser</code> crypto user (CU) account in the specified CloudHSM cluster. KMS
 * logs into the cluster as this user to manage key material on your behalf.
 * </p>
 * <p>
 * The password must be a string of 7 to 32 characters. Its value is case sensitive.
 * </p>
 * <p>
 * This parameter tells KMS the <code>kmsuser</code> account password; it does not change the password in the
 * CloudHSM cluster.
 * </p>
 *
 * @return Specifies the <code>kmsuser</code> password for a CloudHSM key store. This parameter is required for
 *         custom key stores with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 *         <p>
 *         Enter the password of the <code>kmsuser</code> crypto user (CU) account in the specified CloudHSM
 *         cluster. KMS logs into the cluster as this user to manage key material on your behalf.
 *         </p>
 *         <p>
 *         The password must be a string of 7 to 32 characters. Its value is case sensitive.
 *         </p>
 *         <p>
 *         This parameter tells KMS the <code>kmsuser</code> account password; it does not change the password in
 *         the CloudHSM cluster.
 *         </p>
 */
public String getKeyStorePassword() {
    // Returns the kmsuser password in the clear. Callers should not log the value or embed it
    // in exception messages.
    return keyStorePassword;
}
/**
 * <p>
 * Specifies the <code>kmsuser</code> password for a CloudHSM key store. This parameter is required for custom key
 * stores with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * Enter the password of the <code>kmsuser</code> crypto user (CU) account in the specified CloudHSM cluster. KMS
 * logs into the cluster as this user to manage key material on your behalf.
 * </p>
 * <p>
 * The password must be a string of 7 to 32 characters. Its value is case sensitive.
 * </p>
 * <p>
 * This parameter tells KMS the <code>kmsuser</code> account password; it does not change the password in the
 * CloudHSM cluster.
 * </p>
 *
 * @param keyStorePassword
 *        Specifies the <code>kmsuser</code> password for a CloudHSM key store. This parameter is required for
 *        custom key stores with a <code>CustomKeyStoreType</code> of <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        Enter the password of the <code>kmsuser</code> crypto user (CU) account in the specified CloudHSM
 *        cluster. KMS logs into the cluster as this user to manage key material on your behalf.
 *        </p>
 *        <p>
 *        The password must be a string of 7 to 32 characters. Its value is case sensitive.
 *        </p>
 *        <p>
 *        This parameter tells KMS the <code>kmsuser</code> account password; it does not change the password in
 *        the CloudHSM cluster.
 *        </p>
 * @return Returns a reference to this object so that method calls can be chained together.
 */
public CreateCustomKeyStoreRequest withKeyStorePassword(String keyStorePassword) {
    // Fluent variant: goes through the setter, then returns this request for chaining.
    // The argument is a credential; avoid hard-coding it at the call site.
    this.setKeyStorePassword(keyStorePassword);
    return this;
}
/**
 * <p>
 * Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * For a custom key store backed by a CloudHSM cluster, omit the parameter or enter <code>AWS_CLOUDHSM</code>. For
 * a custom key store backed by an external key manager outside of Amazon Web Services, enter
 * <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is created.
 * </p>
 *
 * @param customKeyStoreType
 *        Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        For a custom key store backed by a CloudHSM cluster, omit the parameter or enter
 *        <code>AWS_CLOUDHSM</code>. For a custom key store backed by an external key manager outside of Amazon Web
 *        Services, enter <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is
 *        created.
 *        </p>
 * @see CustomKeyStoreType
 */
public void setCustomKeyStoreType(String customKeyStoreType) {
    // Accepts any string; this setter does not check the value against AWS_CLOUDHSM or
    // EXTERNAL_KEY_STORE.
    this.customKeyStoreType = customKeyStoreType;
}
/**
 * <p>
 * Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * For a custom key store backed by a CloudHSM cluster, omit the parameter or enter <code>AWS_CLOUDHSM</code>. For
 * a custom key store backed by an external key manager outside of Amazon Web Services, enter
 * <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is created.
 * </p>
 *
 * @return Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 *         <p>
 *         For a custom key store backed by a CloudHSM cluster, omit the parameter or enter
 *         <code>AWS_CLOUDHSM</code>. For a custom key store backed by an external key manager outside of Amazon
 *         Web Services, enter <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key
 *         store is created.
 *         </p>
 * @see CustomKeyStoreType
 */
public String getCustomKeyStoreType() {
    // Plain accessor: returns the stored type string (null when never set).
    return customKeyStoreType;
}
/**
 * <p>
 * Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * For a custom key store backed by a CloudHSM cluster, omit the parameter or enter <code>AWS_CLOUDHSM</code>. For
 * a custom key store backed by an external key manager outside of Amazon Web Services, enter
 * <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is created.
 * </p>
 *
 * @param customKeyStoreType
 *        Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        For a custom key store backed by a CloudHSM cluster, omit the parameter or enter
 *        <code>AWS_CLOUDHSM</code>. For a custom key store backed by an external key manager outside of Amazon Web
 *        Services, enter <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is
 *        created.
 *        </p>
 * @return Returns a reference to this object so that method calls can be chained together.
 * @see CustomKeyStoreType
 */
public CreateCustomKeyStoreRequest withCustomKeyStoreType(String customKeyStoreType) {
    // Fluent variant: goes through the String setter so both entry points behave the same, then
    // returns this request for chaining.
    this.setCustomKeyStoreType(customKeyStoreType);
    return this;
}
/**
 * <p>
 * Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 * </p>
 * <p>
 * For a custom key store backed by a CloudHSM cluster, omit the parameter or enter <code>AWS_CLOUDHSM</code>. For
 * a custom key store backed by an external key manager outside of Amazon Web Services, enter
 * <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is created.
 * </p>
 *
 * @param customKeyStoreType
 *        Specifies the type of custom key store. The default value is <code>AWS_CLOUDHSM</code>.
 *        <p>
 *        For a custom key store backed by a CloudHSM cluster, omit the parameter or enter
 *        <code>AWS_CLOUDHSM</code>. For a custom key store backed by an external key manager outside of Amazon Web
 *        Services, enter <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key store is
 *        created.
 *        </p>
 * @return Returns a reference to this object so that method calls can be chained together.
 * @see CustomKeyStoreType
 */
public CreateCustomKeyStoreRequest withCustomKeyStoreType(CustomKeyStoreType customKeyStoreType) {
    // The field holds the type as a String, so the enum is converted with toString() and assigned
    // directly (the String setter is not involved). A null argument fails here with a
    // NullPointerException.
    final String typeName = customKeyStoreType.toString();
    this.customKeyStoreType = typeName;
    return this;
}
/**
*
* Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter
* is required for custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
,
* specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable before
* you create the custom key store. KMS connects to the external key store proxy while creating the custom key
* store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS connects when you call
* the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and lower case
* letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
). Additional slashes (
* /
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS name.
* The XksProxyUriEndpoint
value for external key stores with VPC_ENDPOINT_SERVICE
* connectivity (private DNS name) must be unique in the Amazon Web Services account and Region.
*
CustomKeyStoreType
of
* EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
,
* specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable
* before you create the custom key store. KMS connects to the external key store proxy while creating the
* custom key store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS
* connects when you call the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and
* lower case letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
).
* Additional slashes (/
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in
* the Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS
* name. The XksProxyUriEndpoint
value for external key stores with
* VPC_ENDPOINT_SERVICE
connectivity (private DNS name) must be unique in the Amazon Web
* Services account and Region.
*
* Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter
* is required for custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
,
* specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable before
* you create the custom key store. KMS connects to the external key store proxy while creating the custom key
* store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS connects when you call
* the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and lower case
* letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
). Additional slashes (
* /
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS name.
* The XksProxyUriEndpoint
value for external key stores with VPC_ENDPOINT_SERVICE
* connectivity (private DNS name) must be unique in the Amazon Web Services account and Region.
*
CustomKeyStoreType
of
* EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
* , specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable
* before you create the custom key store. KMS connects to the external key store proxy while creating the
* custom key store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS
* connects when you call the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and
* lower case letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
).
* Additional slashes (/
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in
* the Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS
* name. The XksProxyUriEndpoint
value for external key stores with
* VPC_ENDPOINT_SERVICE
connectivity (private DNS name) must be unique in the Amazon Web
* Services account and Region.
*
* Specifies the endpoint that KMS uses to send requests to the external key store proxy (XKS proxy). This parameter
* is required for custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
,
* specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable before
* you create the custom key store. KMS connects to the external key store proxy while creating the custom key
* store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS connects when you call
* the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and lower case
* letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
). Additional slashes (
* /
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS name.
* The XksProxyUriEndpoint
value for external key stores with VPC_ENDPOINT_SERVICE
* connectivity (private DNS name) must be unique in the Amazon Web Services account and Region.
*
CustomKeyStoreType
of
* EXTERNAL_KEY_STORE
.
*
* The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the
* XksProxyUriEndpoint
value.
*
* For external key stores with XksProxyConnectivity
value of VPC_ENDPOINT_SERVICE
,
* specify https://
followed by the private DNS name of the VPC endpoint service.
*
* For external key stores with PUBLIC_ENDPOINT
connectivity, this endpoint must be reachable
* before you create the custom key store. KMS connects to the external key store proxy while creating the
* custom key store. For external key stores with VPC_ENDPOINT_SERVICE
connectivity, KMS
* connects when you call the ConnectCustomKeyStore operation.
*
* The value of this parameter must begin with https://
. The remainder can contain upper and
* lower case letters (A-Z and a-z), numbers (0-9), dots (.
), and hyphens (-
).
* Additional slashes (/
and \
) are not permitted.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in
* the Amazon Web Services account and Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity cannot use the same
* XksProxyUriEndpoint
value as an external key store with VPC_ENDPOINT_SERVICE
* connectivity in the same Amazon Web Services Region.
*
* Each external key store with VPC_ENDPOINT_SERVICE
connectivity must have its own private DNS
* name. The XksProxyUriEndpoint
value for external key stores with
* VPC_ENDPOINT_SERVICE
connectivity (private DNS name) must be unique in the Amazon Web
* Services account and Region.
*
* Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation
* for your external key store proxy. This parameter is required for all custom key stores with a
* CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix between
* the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix
* between the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in
* the Amazon Web Services account and Region.
*
* Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation
* for your external key store proxy. This parameter is required for all custom key stores with a
* CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix between
* the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix
* between the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in
* the Amazon Web Services account and Region.
*
* Specifies the base path to the proxy APIs for this external key store. To find this value, see the documentation
* for your external key store proxy. This parameter is required for all custom key stores with a
* CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix between
* the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in the
* Amazon Web Services account and Region.
*
CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The value must start with /
and must end with /kms/xks/v1
where v1
* represents the version of the KMS external key store proxy API. This path can include an optional prefix
* between the required elements such as /prefix/kms/xks/v1
.
*
* Uniqueness requirements: *
*
* The combined XksProxyUriEndpoint
and XksProxyUriPath
values must be unique in
* the Amazon Web Services account and Region.
*
* Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with
* your external key store proxy (XKS proxy). This parameter is required when the value of
* CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
*
* The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
* * The Amazon VPC endpoint service must fulfill all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
* Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with
* your external key store proxy (XKS proxy). This parameter is required when the value of
* CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
*
* The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
* * The Amazon VPC endpoint service must fulfill all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
* Specifies the name of the Amazon VPC endpoint service for interface endpoints that is used to communicate with
* your external key store proxy (XKS proxy). This parameter is required when the value of
* CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
*
* The Amazon VPC endpoint service must fulfill * all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
CustomKeyStoreType
is EXTERNAL_KEY_STORE
and the value of
* XksProxyConnectivity
is VPC_ENDPOINT_SERVICE
.
* * The Amazon VPC endpoint service must fulfill all requirements for use with an external key store. *
** Uniqueness requirements: *
*
* External key stores with VPC_ENDPOINT_SERVICE
connectivity can share an Amazon VPC, but each
* external key store must have its own VPC endpoint service and private DNS name.
*
* Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required
* for all custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements: RawSecretAccessKey
, a
* secret key, and AccessKeyId
, a unique identifier for the RawSecretAccessKey
. For
* character requirements, see
* XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
** This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *
*
* @param xksProxyAuthenticationCredential
*        Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is
*        required for all custom key stores with a CustomKeyStoreType
of
* EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements:
* RawSecretAccessKey
, a secret key, and AccessKeyId
, a unique identifier for the
* RawSecretAccessKey
. For character requirements, see XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. * This credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
*
* This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS
* the credential that you established on your external key store proxy. If you rotate your proxy
* authentication credential, use the UpdateCustomKeyStore operation to provide the new credential to
* KMS.
*/
public void setXksProxyAuthenticationCredential(
        XksProxyAuthenticationCredentialType xksProxyAuthenticationCredential) {
    // The credential (which carries the RawSecretAccessKey described above) is stored by
    // reference, not copied or validated, so this request object is secret-bearing for as
    // long as it stays reachable.
    this.xksProxyAuthenticationCredential = xksProxyAuthenticationCredential;
}

/**
*
* Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required
* for all custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements: RawSecretAccessKey
, a
* secret key, and AccessKeyId
, a unique identifier for the RawSecretAccessKey
. For
* character requirements, see
* XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
** This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *
*
* @return Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is
*         required for all custom key stores with a CustomKeyStoreType
of
* EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements:
* RawSecretAccessKey
, a secret key, and AccessKeyId
, a unique identifier for the
* RawSecretAccessKey
. For character requirements, see XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. * This credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
*
* This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS
* the credential that you established on your external key store proxy. If you rotate your proxy
* authentication credential, use the UpdateCustomKeyStore operation to provide the new credential to
* KMS.
*/
public XksProxyAuthenticationCredentialType getXksProxyAuthenticationCredential() {
    // Hands back the stored reference itself (no defensive copy), so the caller receives
    // the live credential object, or null if none was set.
    final XksProxyAuthenticationCredentialType credential = this.xksProxyAuthenticationCredential;
    return credential;
}

/**
*
* Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is required
* for all custom key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements: RawSecretAccessKey
, a
* secret key, and AccessKeyId
, a unique identifier for the RawSecretAccessKey
. For
* character requirements, see
* XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. This * credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
** This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS the * credential that you established on your external key store proxy. If you rotate your proxy authentication * credential, use the UpdateCustomKeyStore operation to provide the new credential to KMS. *
*
* @param xksProxyAuthenticationCredential
*        Specifies an authentication credential for the external key store proxy (XKS proxy). This parameter is
*        required for all custom key stores with a CustomKeyStoreType
of
* EXTERNAL_KEY_STORE
.
*
* The XksProxyAuthenticationCredential
has two required elements:
* RawSecretAccessKey
, a secret key, and AccessKeyId
, a unique identifier for the
* RawSecretAccessKey
. For character requirements, see XksProxyAuthenticationCredentialType.
*
* KMS uses this authentication credential to sign requests to the external key store proxy on your behalf. * This credential is unrelated to Identity and Access Management (IAM) and Amazon Web Services credentials. *
*
* This parameter doesn't set or change the authentication credentials on the XKS proxy. It just tells KMS
* the credential that you established on your external key store proxy. If you rotate your proxy
* authentication credential, use the UpdateCustomKeyStore operation to provide the new credential to
* KMS.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateCustomKeyStoreRequest withXksProxyAuthenticationCredential(
        XksProxyAuthenticationCredentialType xksProxyAuthenticationCredential) {
    // Fluent variant: goes through the setter (so an overriding setter is honoured) and
    // then returns this same request for chaining.
    setXksProxyAuthenticationCredential(xksProxyAuthenticationCredential);
    return this;
}

/**
*
* Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key
* stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the external key
* store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *
*
* @param xksProxyConnectivity
*        Indicates how KMS communicates with the external key store proxy. This parameter is required for custom
*        key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the
* external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely
* within Amazon Web Services, but it requires more configuration, including establishing an Amazon VPC with
* multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A
* public endpoint is simpler to set up, but it might be slower and might not fulfill your security
* requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint
* service for production tasks. Note that this choice does not determine the location of the external key
* store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside
* of Amazon Web Services such as in your corporate data center.
* @see XksProxyConnectivityType
*/
public void setXksProxyConnectivity(String xksProxyConnectivity) {
    // Stored exactly as given: this method does not check the string against
    // XksProxyConnectivityType, and null is accepted.
    this.xksProxyConnectivity = xksProxyConnectivity;
}

/**
*
* Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key
* stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the external key
* store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *
*
* @return Indicates how KMS communicates with the external key store proxy. This parameter is required for custom
*         key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the
* external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely
* within Amazon Web Services, but it requires more configuration, including establishing an Amazon VPC with
* multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A
* public endpoint is simpler to set up, but it might be slower and might not fulfill your security
* requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint
* service for production tasks. Note that this choice does not determine the location of the external key
* store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside
* of Amazon Web Services such as in your corporate data center.
* @see XksProxyConnectivityType
*/
public String getXksProxyConnectivity() {
    // Returns whatever string was stored, or null when the connectivity was never set.
    final String connectivity = this.xksProxyConnectivity;
    return connectivity;
}

/**
*
* Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key
* stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the external key
* store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *
*
* @param xksProxyConnectivity
*        Indicates how KMS communicates with the external key store proxy. This parameter is required for custom
*        key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the
* external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely
* within Amazon Web Services, but it requires more configuration, including establishing an Amazon VPC with
* multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A
* public endpoint is simpler to set up, but it might be slower and might not fulfill your security
* requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint
* service for production tasks. Note that this choice does not determine the location of the external key
* store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside
* of Amazon Web Services such as in your corporate data center.
* @return Returns a reference to this object so that method calls can be chained together.
* @see XksProxyConnectivityType
*/
public CreateCustomKeyStoreRequest withXksProxyConnectivity(String xksProxyConnectivity) {
    // Fluent variant of the String setter: delegates to it, then returns this request.
    setXksProxyConnectivity(xksProxyConnectivity);
    return this;
}

/**
*
* Indicates how KMS communicates with the external key store proxy. This parameter is required for custom key
* stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the external key
* store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely within * Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple * subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A public endpoint is * simpler to set up, but it might be slower and might not fulfill your security requirements. You might consider * testing with a public endpoint, and then establishing a VPC endpoint service for production tasks. Note that this * choice does not determine the location of the external key store proxy. Even if you choose a VPC endpoint * service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in your corporate data * center. *
*
* @param xksProxyConnectivity
*        Indicates how KMS communicates with the external key store proxy. This parameter is required for custom
*        key stores with a CustomKeyStoreType
of EXTERNAL_KEY_STORE
.
*
* If the external key store proxy uses a public endpoint, specify PUBLIC_ENDPOINT
. If the
* external key store proxy uses a Amazon VPC endpoint service for communication with KMS, specify
* VPC_ENDPOINT_SERVICE
. For help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
*
*
* An Amazon VPC endpoint service keeps your communication with KMS in a private address space entirely
* within Amazon Web Services, but it requires more configuration, including establishing an Amazon VPC with
* multiple subnets, a VPC endpoint service, a network load balancer, and a verified private DNS name. A
* public endpoint is simpler to set up, but it might be slower and might not fulfill your security
* requirements. You might consider testing with a public endpoint, and then establishing a VPC endpoint
* service for production tasks. Note that this choice does not determine the location of the external key
* store proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within the VPC or outside
* of Amazon Web Services such as in your corporate data center.
* @return Returns a reference to this object so that method calls can be chained together.
* @see XksProxyConnectivityType
*/
public CreateCustomKeyStoreRequest withXksProxyConnectivity(XksProxyConnectivityType xksProxyConnectivity) {
    // The enum is dereferenced directly, so a null argument raises NullPointerException
    // here; use the String overload to clear the value.
    final String connectivityName = xksProxyConnectivity.toString();
    this.xksProxyConnectivity = connectivityName;
    return this;
}

/**
 * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
 * redacted from this string using a placeholder value.
 * <p>
 * Only KeyStorePassword is replaced by the placeholder in this method. XksProxyAuthenticationCredential is
 * appended through its own string conversion, so whether its RawSecretAccessKey is hidden depends on
 * XksProxyAuthenticationCredentialType#toString(), which is not visible here. NOTE(review): confirm that type
 * redacts its fields before logging this string.
 *
 * @return A string representation of this object.
 *
 * @see java.lang.Object#toString()
 */
@Override
public String toString() {
    StringBuilder text = new StringBuilder();
    text.append("{");
    if (getCustomKeyStoreName() != null) {
        text.append("CustomKeyStoreName: ").append(getCustomKeyStoreName()).append(",");
    }
    if (getCloudHsmClusterId() != null) {
        text.append("CloudHsmClusterId: ").append(getCloudHsmClusterId()).append(",");
    }
    if (getTrustAnchorCertificate() != null) {
        text.append("TrustAnchorCertificate: ").append(getTrustAnchorCertificate()).append(",");
    }
    if (getKeyStorePassword() != null) {
        // The password value itself is never written; only its presence is visible.
        text.append("KeyStorePassword: ").append("***Sensitive Data Redacted***").append(",");
    }
    if (getCustomKeyStoreType() != null) {
        text.append("CustomKeyStoreType: ").append(getCustomKeyStoreType()).append(",");
    }
    if (getXksProxyUriEndpoint() != null) {
        text.append("XksProxyUriEndpoint: ").append(getXksProxyUriEndpoint()).append(",");
    }
    if (getXksProxyUriPath() != null) {
        text.append("XksProxyUriPath: ").append(getXksProxyUriPath()).append(",");
    }
    if (getXksProxyVpcEndpointServiceName() != null) {
        text.append("XksProxyVpcEndpointServiceName: ").append(getXksProxyVpcEndpointServiceName()).append(",");
    }
    if (getXksProxyAuthenticationCredential() != null) {
        // Rendered via the credential object's own toString(); see the note in the Javadoc.
        text.append("XksProxyAuthenticationCredential: ").append(getXksProxyAuthenticationCredential()).append(",");
    }
    if (getXksProxyConnectivity() != null) {
        text.append("XksProxyConnectivity: ").append(getXksProxyConnectivity());
    }
    text.append("}");
    return text.toString();
}

/**
 * Compares this request with another object field by field.
 * <p>
 * Two requests are equal when every one of the ten request fields is either null on both sides or equal
 * according to that field's {@code equals}. KeyStorePassword and XksProxyAuthenticationCredential take part
 * in the comparison.
 *
 * @param obj
 *        the object to compare with; may be null
 * @return true if {@code obj} is a CreateCustomKeyStoreRequest with matching fields
 */
@Override
public boolean equals(Object obj) {
    if (this == obj) {
        return true;
    }
    if (obj == null) {
        return false;
    }
    if (!(obj instanceof CreateCustomKeyStoreRequest)) {
        return false;
    }
    CreateCustomKeyStoreRequest that = (CreateCustomKeyStoreRequest) obj;

    // For each field: first reject "exactly one side is null", then compare the values.
    if (that.getCustomKeyStoreName() == null ^ this.getCustomKeyStoreName() == null) {
        return false;
    }
    if (that.getCustomKeyStoreName() != null && !that.getCustomKeyStoreName().equals(this.getCustomKeyStoreName())) {
        return false;
    }
    if (that.getCloudHsmClusterId() == null ^ this.getCloudHsmClusterId() == null) {
        return false;
    }
    if (that.getCloudHsmClusterId() != null && !that.getCloudHsmClusterId().equals(this.getCloudHsmClusterId())) {
        return false;
    }
    if (that.getTrustAnchorCertificate() == null ^ this.getTrustAnchorCertificate() == null) {
        return false;
    }
    if (that.getTrustAnchorCertificate() != null
            && !that.getTrustAnchorCertificate().equals(this.getTrustAnchorCertificate())) {
        return false;
    }
    if (that.getKeyStorePassword() == null ^ this.getKeyStorePassword() == null) {
        return false;
    }
    if (that.getKeyStorePassword() != null && !that.getKeyStorePassword().equals(this.getKeyStorePassword())) {
        return false;
    }
    if (that.getCustomKeyStoreType() == null ^ this.getCustomKeyStoreType() == null) {
        return false;
    }
    if (that.getCustomKeyStoreType() != null && !that.getCustomKeyStoreType().equals(this.getCustomKeyStoreType())) {
        return false;
    }
    if (that.getXksProxyUriEndpoint() == null ^ this.getXksProxyUriEndpoint() == null) {
        return false;
    }
    if (that.getXksProxyUriEndpoint() != null && !that.getXksProxyUriEndpoint().equals(this.getXksProxyUriEndpoint())) {
        return false;
    }
    if (that.getXksProxyUriPath() == null ^ this.getXksProxyUriPath() == null) {
        return false;
    }
    if (that.getXksProxyUriPath() != null && !that.getXksProxyUriPath().equals(this.getXksProxyUriPath())) {
        return false;
    }
    if (that.getXksProxyVpcEndpointServiceName() == null ^ this.getXksProxyVpcEndpointServiceName() == null) {
        return false;
    }
    if (that.getXksProxyVpcEndpointServiceName() != null
            && !that.getXksProxyVpcEndpointServiceName().equals(this.getXksProxyVpcEndpointServiceName())) {
        return false;
    }
    if (that.getXksProxyAuthenticationCredential() == null ^ this.getXksProxyAuthenticationCredential() == null) {
        return false;
    }
    if (that.getXksProxyAuthenticationCredential() != null
            && !that.getXksProxyAuthenticationCredential().equals(this.getXksProxyAuthenticationCredential())) {
        return false;
    }
    if (that.getXksProxyConnectivity() == null ^ this.getXksProxyConnectivity() == null) {
        return false;
    }
    if (that.getXksProxyConnectivity() != null
            && !that.getXksProxyConnectivity().equals(this.getXksProxyConnectivity())) {
        return false;
    }
    return true;
}

/**
 * Computes a hash over the same ten fields that {@link #equals(Object)} compares, treating null as 0.
 * <p>
 * The result is derived in part from KeyStorePassword and XksProxyAuthenticationCredential, so the hash value
 * should be handled like other data derived from secrets rather than written to logs.
 *
 * @return the combined hash code
 */
@Override
public int hashCode() {
    final int prime = 31;
    int result = 1;

    result = prime * result + (getCustomKeyStoreName() == null ? 0 : getCustomKeyStoreName().hashCode());
    result = prime * result + (getCloudHsmClusterId() == null ? 0 : getCloudHsmClusterId().hashCode());
    result = prime * result + (getTrustAnchorCertificate() == null ? 0 : getTrustAnchorCertificate().hashCode());
    result = prime * result + (getKeyStorePassword() == null ? 0 : getKeyStorePassword().hashCode());
    result = prime * result + (getCustomKeyStoreType() == null ? 0 : getCustomKeyStoreType().hashCode());
    result = prime * result + (getXksProxyUriEndpoint() == null ? 0 : getXksProxyUriEndpoint().hashCode());
    result = prime * result + (getXksProxyUriPath() == null ? 0 : getXksProxyUriPath().hashCode());
    result = prime * result
            + (getXksProxyVpcEndpointServiceName() == null ? 0 : getXksProxyVpcEndpointServiceName().hashCode());
    result = prime * result
            + (getXksProxyAuthenticationCredential() == null ? 0 : getXksProxyAuthenticationCredential().hashCode());
    result = prime * result + (getXksProxyConnectivity() == null ? 0 : getXksProxyConnectivity().hashCode());
    return result;
}

/**
 * Returns a copy of this request produced by {@code super.clone()}, cast to this type.
 * <p>
 * Nothing is copied in this method itself; how deep the copy is depends on the superclass implementation.
 * NOTE(review): if the copy is shallow, the clone shares the same credential object as the original.
 *
 * @return the cloned request
 */
@Override
public CreateCustomKeyStoreRequest clone() {
    return (CreateCustomKeyStoreRequest) super.clone();
}

}