* Ciphertext of the data to reencrypt. *
*/ private java.nio.ByteBuffer ciphertextBlob; /** ** Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was * used to encrypt the ciphertext. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *
** For more information, see Encryption context * in the Key Management Service Developer Guide. *
*/ private com.amazonaws.internal.SdkInternalMap* Specifies the KMS key that KMS will use to decrypt the ciphertext before it is re-encrypted. *
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
* ReEncrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a * symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext * blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that * you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
*/ private String sourceKeyId; /** *
* A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption KMS key or
* an asymmetric KMS key with a KeyUsage value of ENCRYPT_DECRYPT. To find the
* KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
*/ private String destinationKeyId; /** ** Specifies that encryption context to use when the reencrypting the data. *
** Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *
** A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS key. * The standard ciphertext format for asymmetric KMS keys does not include fields for metadata. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *
** For more information, see Encryption context * in the Key Management Service Developer Guide. *
*/ private com.amazonaws.internal.SdkInternalMap
* Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. The
* default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption KMS keys.
*
* Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the * decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. *
*/ private String sourceEncryptionAlgorithm; /** *
* Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The default
* value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric encryption KMS
* keys.
*
* This parameter is required only when the destination KMS key is an asymmetric KMS key. *
*/ private String destinationEncryptionAlgorithm; /** ** A list of grant tokens. *
** Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *
*/ private com.amazonaws.internal.SdkInternalList
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
*/ private Boolean dryRun; /** ** Ciphertext of the data to reencrypt. *
** The AWS SDK for Java performs a Base64 encoding on this field before sending this request to the AWS service. * Users of the SDK should not perform Base64 encoding on this field. *
** Warning: ByteBuffers returned by the SDK are mutable. Changes to the content or position of the byte buffer will * be seen by all objects that have a reference to this object. It is recommended to call ByteBuffer.duplicate() or * ByteBuffer.asReadOnlyBuffer() before using or reading from the buffer. This behavior will be changed in a future * major version of the SDK. *
* * @param ciphertextBlob * Ciphertext of the data to reencrypt. */ public void setCiphertextBlob(java.nio.ByteBuffer ciphertextBlob) { this.ciphertextBlob = ciphertextBlob; } /** ** Ciphertext of the data to reencrypt. *
** {@code ByteBuffer}s are stateful. Calling their {@code get} methods changes their {@code position}. We recommend * using {@link java.nio.ByteBuffer#asReadOnlyBuffer()} to create a read-only view of the buffer with an independent * {@code position}, and calling {@code get} methods on this rather than directly on the returned {@code ByteBuffer}. * Doing so will ensure that anyone else using the {@code ByteBuffer} will not be affected by changes to the * {@code position}. *
* * @return Ciphertext of the data to reencrypt. */ public java.nio.ByteBuffer getCiphertextBlob() { return this.ciphertextBlob; } /** ** Ciphertext of the data to reencrypt. *
** The AWS SDK for Java performs a Base64 encoding on this field before sending this request to the AWS service. * Users of the SDK should not perform Base64 encoding on this field. *
** Warning: ByteBuffers returned by the SDK are mutable. Changes to the content or position of the byte buffer will * be seen by all objects that have a reference to this object. It is recommended to call ByteBuffer.duplicate() or * ByteBuffer.asReadOnlyBuffer() before using or reading from the buffer. This behavior will be changed in a future * major version of the SDK. *
* * @param ciphertextBlob * Ciphertext of the data to reencrypt. * @return Returns a reference to this object so that method calls can be chained together. */ public ReEncryptRequest withCiphertextBlob(java.nio.ByteBuffer ciphertextBlob) { setCiphertextBlob(ciphertextBlob); return this; } /** ** Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was * used to encrypt the ciphertext. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *
** For more information, see Encryption context * in the Key Management Service Developer Guide. *
* * @return Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that * was used to encrypt the ciphertext. ** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
*/
public java.util.Map
* Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was
* used to encrypt the ciphertext.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional
* authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact
* case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on
* operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption
* context is optional, but it is strongly recommended.
*
* For more information, see Encryption context
* in the Key Management Service Developer Guide.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
*/
public void setSourceEncryptionContext(java.util.Map
* Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was
* used to encrypt the ciphertext.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional
* authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact
* case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on
* operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption
* context is optional, but it is strongly recommended.
*
* For more information, see Encryption context
* in the Key Management Service Developer Guide.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ReEncryptRequest withSourceEncryptionContext(java.util.Map
* Specifies the KMS key that KMS will use to decrypt the ciphertext before it is re-encrypted.
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a
* symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext
* blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that
* you intend.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
*
* For example:
*
* Key ID:
* Key ARN:
* Alias name:
* Alias ARN:
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and
* alias ARN, use ListAliases.
* ReEncrypt operation throws an IncorrectKeyException.
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
*
* 1234abcd-12ab-34cd-56ef-1234567890ab
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
* alias/ExampleAlias
* arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS
* key, the ReEncrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used * a symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric * ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use * the KMS key that you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public void setSourceKeyId(String sourceKeyId) { this.sourceKeyId = sourceKeyId; } /** *
* Specifies the KMS key that KMS will use to decrypt the ciphertext before it is re-encrypted. *
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
* ReEncrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a * symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext * blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that * you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @return Specifies the KMS key that KMS will use to decrypt the ciphertext before it is re-encrypted. *
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS
* key, the ReEncrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you * used a symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric * ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use * the KMS key that you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public String getSourceKeyId() { return this.sourceKeyId; } /** *
* Specifies the KMS key that KMS will use to decrypt the ciphertext before it is re-encrypted. *
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
* ReEncrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a * symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext * blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that * you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @param sourceKeyId * Specifies the KMS key that KMS will use to decrypt the ciphertext before it is re-encrypted. *
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS
* key, the ReEncrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used * a symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric * ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use * the KMS key that you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. * @return Returns a reference to this object so that method calls can be chained together. */ public ReEncryptRequest withSourceKeyId(String sourceKeyId) { setSourceKeyId(sourceKeyId); return this; } /** *
* A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption KMS key or
* an asymmetric KMS key with a KeyUsage value of ENCRYPT_DECRYPT. To find the
* KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @param destinationKeyId * A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption KMS * key or an asymmetric KMS key with aKeyUsage value of ENCRYPT_DECRYPT. To find
* the KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public void setDestinationKeyId(String destinationKeyId) { this.destinationKeyId = destinationKeyId; } /** *
* A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption KMS key or
* an asymmetric KMS key with a KeyUsage value of ENCRYPT_DECRYPT. To find the
* KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @return A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption * KMS key or an asymmetric KMS key with aKeyUsage value of ENCRYPT_DECRYPT. To
* find the KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public String getDestinationKeyId() { return this.destinationKeyId; } /** *
* A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption KMS key or
* an asymmetric KMS key with a KeyUsage value of ENCRYPT_DECRYPT. To find the
* KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @param destinationKeyId * A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric encryption KMS * key or an asymmetric KMS key with aKeyUsage value of ENCRYPT_DECRYPT. To find
* the KeyUsage value of a KMS key, use the DescribeKey operation.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. * @return Returns a reference to this object so that method calls can be chained together. */ public ReEncryptRequest withDestinationKeyId(String destinationKeyId) { setDestinationKeyId(destinationKeyId); return this; } /** *
* Specifies that encryption context to use when the reencrypting the data. *
** Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in * CloudTrail logs and other output. *
** A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS key. * The standard ciphertext format for asymmetric KMS keys does not include fields for metadata. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *
** For more information, see Encryption context * in the Key Management Service Developer Guide. *
* * @return Specifies that encryption context to use when the reencrypting the data.* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *
** A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS * key. The standard ciphertext format for asymmetric KMS keys does not include fields for metadata. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
*/
public java.util.Map
* Specifies that encryption context to use when the reencrypting the data.
*
* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in
* CloudTrail logs and other output.
*
* A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS key.
* The standard ciphertext format for asymmetric KMS keys does not include fields for metadata.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional
* authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact
* case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on
* operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption
* context is optional, but it is strongly recommended.
*
* For more information, see Encryption context
* in the Key Management Service Developer Guide.
*
* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *
** A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS * key. The standard ciphertext format for asymmetric KMS keys does not include fields for metadata. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
*/
public void setDestinationEncryptionContext(java.util.Map
* Specifies that encryption context to use when the reencrypting the data.
*
* Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in
* CloudTrail logs and other output.
*
* A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS key.
* The standard ciphertext format for asymmetric KMS keys does not include fields for metadata.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional
* authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact
* case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on
* operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption
* context is optional, but it is strongly recommended.
*
* For more information, see Encryption context
* in the Key Management Service Developer Guide.
*
* Do not include confidential or sensitive information in this field. This field may be displayed in * plaintext in CloudTrail logs and other output. *
** A destination encryption context is valid only when the destination KMS key is a symmetric encryption KMS * key. The standard ciphertext format for asymmetric KMS keys does not include fields for metadata. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ReEncryptRequest withDestinationEncryptionContext(java.util.Map
* Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. The
* default value,
* Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the
* decrypt attempt fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.
* SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption KMS keys.
* SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption
* KMS keys.
* Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, * the decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. * @see EncryptionAlgorithmSpec */ public void setSourceEncryptionAlgorithm(String sourceEncryptionAlgorithm) { this.sourceEncryptionAlgorithm = sourceEncryptionAlgorithm; } /** *
* Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. The
* default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption KMS keys.
*
* Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the * decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. *
* * @return Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. * The default value,SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption
* KMS keys.
* * Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, * the decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. * @see EncryptionAlgorithmSpec */ public String getSourceEncryptionAlgorithm() { return this.sourceEncryptionAlgorithm; } /** *
* Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. The
* default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption KMS keys.
*
* Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the * decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. *
* * @param sourceEncryptionAlgorithm * Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. * The default value,SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption
* KMS keys.
* * Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, * the decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. * @return Returns a reference to this object so that method calls can be chained together. * @see EncryptionAlgorithmSpec */ public ReEncryptRequest withSourceEncryptionAlgorithm(String sourceEncryptionAlgorithm) { setSourceEncryptionAlgorithm(sourceEncryptionAlgorithm); return this; } /** *
* Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. The
* default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption KMS keys.
*
* Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the * decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. *
* * @param sourceEncryptionAlgorithm * Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it is reencrypted. * The default value,SYMMETRIC_DEFAULT, represents the algorithm used for symmetric encryption
* KMS keys.
* * Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, * the decrypt attempt fails. *
** This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. * @return Returns a reference to this object so that method calls can be chained together. * @see EncryptionAlgorithmSpec */ public ReEncryptRequest withSourceEncryptionAlgorithm(EncryptionAlgorithmSpec sourceEncryptionAlgorithm) { this.sourceEncryptionAlgorithm = sourceEncryptionAlgorithm.toString(); return this; } /** *
* Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The default
* value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric encryption KMS
* keys.
*
* This parameter is required only when the destination KMS key is an asymmetric KMS key. *
* * @param destinationEncryptionAlgorithm * Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The * default value,SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric
* encryption KMS keys.
* * This parameter is required only when the destination KMS key is an asymmetric KMS key. * @see EncryptionAlgorithmSpec */ public void setDestinationEncryptionAlgorithm(String destinationEncryptionAlgorithm) { this.destinationEncryptionAlgorithm = destinationEncryptionAlgorithm; } /** *
* Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The default
* value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric encryption KMS
* keys.
*
* This parameter is required only when the destination KMS key is an asymmetric KMS key. *
* * @return Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The * default value,SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric
* encryption KMS keys.
* * This parameter is required only when the destination KMS key is an asymmetric KMS key. * @see EncryptionAlgorithmSpec */ public String getDestinationEncryptionAlgorithm() { return this.destinationEncryptionAlgorithm; } /** *
* Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The default
* value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric encryption KMS
* keys.
*
* This parameter is required only when the destination KMS key is an asymmetric KMS key. *
* * @param destinationEncryptionAlgorithm * Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The * default value,SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric
* encryption KMS keys.
* * This parameter is required only when the destination KMS key is an asymmetric KMS key. * @return Returns a reference to this object so that method calls can be chained together. * @see EncryptionAlgorithmSpec */ public ReEncryptRequest withDestinationEncryptionAlgorithm(String destinationEncryptionAlgorithm) { setDestinationEncryptionAlgorithm(destinationEncryptionAlgorithm); return this; } /** *
* Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The default
* value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric encryption KMS
* keys.
*
* This parameter is required only when the destination KMS key is an asymmetric KMS key. *
* * @param destinationEncryptionAlgorithm * Specifies the encryption algorithm that KMS will use to reecrypt the data after it has decrypted it. The * default value,SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric
* encryption KMS keys.
* * This parameter is required only when the destination KMS key is an asymmetric KMS key. * @return Returns a reference to this object so that method calls can be chained together. * @see EncryptionAlgorithmSpec */ public ReEncryptRequest withDestinationEncryptionAlgorithm(EncryptionAlgorithmSpec destinationEncryptionAlgorithm) { this.destinationEncryptionAlgorithm = destinationEncryptionAlgorithm.toString(); return this; } /** *
* A list of grant tokens. *
** Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *
* * @return A list of grant tokens. *
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
*/
public java.util.List
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
*/
public void setGrantTokens(java.util.Collection
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setGrantTokens(java.util.Collection)} or {@link #withGrantTokens(java.util.Collection)} if you want to
* override the existing values.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ReEncryptRequest withGrantTokens(String... grantTokens) {
if (this.grantTokens == null) {
setGrantTokens(new com.amazonaws.internal.SdkInternalList
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ReEncryptRequest withGrantTokens(java.util.Collection
* Checks if your request will succeed.
* To learn more about how to use this parameter, see Testing your KMS API
* calls in the Key Management Service Developer Guide.
* DryRun is an optional parameter.
* DryRun is an optional parameter.
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public void setDryRun(Boolean dryRun) { this.dryRun = dryRun; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @return Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public Boolean getDryRun() { return this.dryRun; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @param dryRun * Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public ReEncryptRequest withDryRun(Boolean dryRun) { setDryRun(dryRun); return this; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @return Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public Boolean isDryRun() { return this.dryRun; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getCiphertextBlob() != null) sb.append("CiphertextBlob: ").append(getCiphertextBlob()).append(","); if (getSourceEncryptionContext() != null) sb.append("SourceEncryptionContext: ").append(getSourceEncryptionContext()).append(","); if (getSourceKeyId() != null) sb.append("SourceKeyId: ").append(getSourceKeyId()).append(","); if (getDestinationKeyId() != null) sb.append("DestinationKeyId: ").append(getDestinationKeyId()).append(","); if (getDestinationEncryptionContext() != null) sb.append("DestinationEncryptionContext: ").append(getDestinationEncryptionContext()).append(","); if (getSourceEncryptionAlgorithm() != null) sb.append("SourceEncryptionAlgorithm: ").append(getSourceEncryptionAlgorithm()).append(","); if (getDestinationEncryptionAlgorithm() != null) sb.append("DestinationEncryptionAlgorithm: ").append(getDestinationEncryptionAlgorithm()).append(","); if (getGrantTokens() != null) sb.append("GrantTokens: ").append(getGrantTokens()).append(","); if (getDryRun() != null) sb.append("DryRun: ").append(getDryRun()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof ReEncryptRequest == false) return false; ReEncryptRequest other = (ReEncryptRequest) obj; if (other.getCiphertextBlob() == null ^ this.getCiphertextBlob() == null) return false; if (other.getCiphertextBlob() != null && other.getCiphertextBlob().equals(this.getCiphertextBlob()) == false) return false; if (other.getSourceEncryptionContext() == null ^ this.getSourceEncryptionContext() == null) return false; if (other.getSourceEncryptionContext() != null && other.getSourceEncryptionContext().equals(this.getSourceEncryptionContext()) == false) return false; if (other.getSourceKeyId() == null ^ this.getSourceKeyId() == null) return false; if (other.getSourceKeyId() != null && other.getSourceKeyId().equals(this.getSourceKeyId()) == false) return false; if (other.getDestinationKeyId() == null ^ this.getDestinationKeyId() == null) return false; if (other.getDestinationKeyId() != null && other.getDestinationKeyId().equals(this.getDestinationKeyId()) == false) return false; if (other.getDestinationEncryptionContext() == null ^ this.getDestinationEncryptionContext() == null) return false; if (other.getDestinationEncryptionContext() != null && other.getDestinationEncryptionContext().equals(this.getDestinationEncryptionContext()) == false) return false; if (other.getSourceEncryptionAlgorithm() == null ^ this.getSourceEncryptionAlgorithm() == null) return false; if (other.getSourceEncryptionAlgorithm() != null && other.getSourceEncryptionAlgorithm().equals(this.getSourceEncryptionAlgorithm()) == false) return false; if (other.getDestinationEncryptionAlgorithm() == null ^ this.getDestinationEncryptionAlgorithm() == null) return false; if (other.getDestinationEncryptionAlgorithm() != null && other.getDestinationEncryptionAlgorithm().equals(this.getDestinationEncryptionAlgorithm()) == false) return false; if (other.getGrantTokens() == null ^ this.getGrantTokens() == null) return false; if (other.getGrantTokens() != null && other.getGrantTokens().equals(this.getGrantTokens()) == false) return false; if (other.getDryRun() == null ^ this.getDryRun() == null) return false; if (other.getDryRun() != null && other.getDryRun().equals(this.getDryRun()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getCiphertextBlob() == null) ? 0 : getCiphertextBlob().hashCode()); hashCode = prime * hashCode + ((getSourceEncryptionContext() == null) ? 0 : getSourceEncryptionContext().hashCode()); hashCode = prime * hashCode + ((getSourceKeyId() == null) ? 0 : getSourceKeyId().hashCode()); hashCode = prime * hashCode + ((getDestinationKeyId() == null) ? 0 : getDestinationKeyId().hashCode()); hashCode = prime * hashCode + ((getDestinationEncryptionContext() == null) ? 0 : getDestinationEncryptionContext().hashCode()); hashCode = prime * hashCode + ((getSourceEncryptionAlgorithm() == null) ? 0 : getSourceEncryptionAlgorithm().hashCode()); hashCode = prime * hashCode + ((getDestinationEncryptionAlgorithm() == null) ? 0 : getDestinationEncryptionAlgorithm().hashCode()); hashCode = prime * hashCode + ((getGrantTokens() == null) ? 0 : getGrantTokens().hashCode()); hashCode = prime * hashCode + ((getDryRun() == null) ? 0 : getDryRun().hashCode()); return hashCode; } @Override public ReEncryptRequest clone() { return (ReEncryptRequest) super.clone(); } }