* Information about the encryption of data at rest in an Amazon QLDB ledger. This includes the current status, the key * in Key Management Service (KMS), and when the key became inaccessible (in the case of an error). *
** For more information, see Encryption at rest in the * Amazon QLDB Developer Guide. *
* * @see AWS * API Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class LedgerEncryptionDescription implements Serializable, Cloneable, StructuredPojo { /** ** The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at rest. If * this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption. *
*/ private String kmsKeyArn; /** ** The current state of encryption at rest for the ledger. This can be one of the following values: *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while the key * change is being processed. The amount of time it takes to update a key varies depending on the ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the ledger is
* impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a ledger is
* impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or re-enable * the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a key is deleted, * you can no longer access the ledgers that are protected with that key, and the data becomes unrecoverable * permanently. *
** The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an error. * (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.) *
** This parameter is undefined if the KMS key is accessible. *
*/ private java.util.Date inaccessibleKmsKeyDateTime; /** ** The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at rest. If * this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption. *
* * @param kmsKeyArn * The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at * rest. If this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption. */ public void setKmsKeyArn(String kmsKeyArn) { this.kmsKeyArn = kmsKeyArn; } /** ** The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at rest. If * this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption. *
* * @return The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at * rest. If this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for * encryption. */ public String getKmsKeyArn() { return this.kmsKeyArn; } /** ** The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at rest. If * this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption. *
* * @param kmsKeyArn * The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at * rest. If this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption. * @return Returns a reference to this object so that method calls can be chained together. */ public LedgerEncryptionDescription withKmsKeyArn(String kmsKeyArn) { setKmsKeyArn(kmsKeyArn); return this; } /** ** The current state of encryption at rest for the ledger. This can be one of the following values: *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while the key * change is being processed. The amount of time it takes to update a key varies depending on the ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the ledger is
* impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a ledger is
* impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or re-enable * the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a key is deleted, * you can no longer access the ledgers that are protected with that key, and the data becomes unrecoverable * permanently. *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while * the key change is being processed. The amount of time it takes to update a key varies depending on the * ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the
* ledger is impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a
* ledger is impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or * re-enable the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a * key is deleted, you can no longer access the ledgers that are protected with that key, and the data * becomes unrecoverable permanently. *
** The current state of encryption at rest for the ledger. This can be one of the following values: *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while the key * change is being processed. The amount of time it takes to update a key varies depending on the ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the ledger is
* impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a ledger is
* impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or re-enable * the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a key is deleted, * you can no longer access the ledgers that are protected with that key, and the data becomes unrecoverable * permanently. *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while * the key change is being processed. The amount of time it takes to update a key varies depending on the * ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the
* ledger is impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a
* ledger is impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or * re-enable the key that was disabled. However, deleting a customer managed KMS key is irreversible. After * a key is deleted, you can no longer access the ledgers that are protected with that key, and the data * becomes unrecoverable permanently. *
** The current state of encryption at rest for the ledger. This can be one of the following values: *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while the key * change is being processed. The amount of time it takes to update a key varies depending on the ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the ledger is
* impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a ledger is
* impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or re-enable * the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a key is deleted, * you can no longer access the ledgers that are protected with that key, and the data becomes unrecoverable * permanently. *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while * the key change is being processed. The amount of time it takes to update a key varies depending on the * ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the
* ledger is impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a
* ledger is impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or * re-enable the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a * key is deleted, you can no longer access the ledgers that are protected with that key, and the data * becomes unrecoverable permanently. *
** The current state of encryption at rest for the ledger. This can be one of the following values: *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while the key * change is being processed. The amount of time it takes to update a key varies depending on the ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the ledger is
* impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a ledger is
* impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or re-enable * the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a key is deleted, * you can no longer access the ledgers that are protected with that key, and the data becomes unrecoverable * permanently. *
*
* ENABLED: Encryption is fully enabled using the specified key.
*
* UPDATING: The ledger is actively processing the specified key change.
*
* Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while * the key change is being processed. The amount of time it takes to update a key varies depending on the * ledger size. *
*
* KMS_KEY_INACCESSIBLE: The specified customer managed KMS key is not accessible, and the
* ledger is impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a
* ledger is impaired, it is not accessible and does not accept any read or write requests.
*
* An impaired ledger automatically returns to an active state after you restore the grants on the key, or * re-enable the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a * key is deleted, you can no longer access the ledgers that are protected with that key, and the data * becomes unrecoverable permanently. *
** The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an error. * (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.) *
** This parameter is undefined if the KMS key is accessible. *
* * @param inaccessibleKmsKeyDateTime * The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an * error. (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 * UTC.) ** This parameter is undefined if the KMS key is accessible. */ public void setInaccessibleKmsKeyDateTime(java.util.Date inaccessibleKmsKeyDateTime) { this.inaccessibleKmsKeyDateTime = inaccessibleKmsKeyDateTime; } /** *
* The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an error. * (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.) *
** This parameter is undefined if the KMS key is accessible. *
* * @return The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an * error. (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 * UTC.) ** This parameter is undefined if the KMS key is accessible. */ public java.util.Date getInaccessibleKmsKeyDateTime() { return this.inaccessibleKmsKeyDateTime; } /** *
* The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an error. * (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.) *
** This parameter is undefined if the KMS key is accessible. *
* * @param inaccessibleKmsKeyDateTime * The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an * error. (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 * UTC.) ** This parameter is undefined if the KMS key is accessible. * @return Returns a reference to this object so that method calls can be chained together. */ public LedgerEncryptionDescription withInaccessibleKmsKeyDateTime(java.util.Date inaccessibleKmsKeyDateTime) { setInaccessibleKmsKeyDateTime(inaccessibleKmsKeyDateTime); return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKmsKeyArn() != null) sb.append("KmsKeyArn: ").append(getKmsKeyArn()).append(","); if (getEncryptionStatus() != null) sb.append("EncryptionStatus: ").append(getEncryptionStatus()).append(","); if (getInaccessibleKmsKeyDateTime() != null) sb.append("InaccessibleKmsKeyDateTime: ").append(getInaccessibleKmsKeyDateTime()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof LedgerEncryptionDescription == false) return false; LedgerEncryptionDescription other = (LedgerEncryptionDescription) obj; if (other.getKmsKeyArn() == null ^ this.getKmsKeyArn() == null) return false; if (other.getKmsKeyArn() != null && other.getKmsKeyArn().equals(this.getKmsKeyArn()) == false) return false; if (other.getEncryptionStatus() == null ^ this.getEncryptionStatus() == null) return false; if (other.getEncryptionStatus() != null && other.getEncryptionStatus().equals(this.getEncryptionStatus()) == false) return false; if (other.getInaccessibleKmsKeyDateTime() == null ^ this.getInaccessibleKmsKeyDateTime() == null) return false; if (other.getInaccessibleKmsKeyDateTime() != null && other.getInaccessibleKmsKeyDateTime().equals(this.getInaccessibleKmsKeyDateTime()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getKmsKeyArn() == null) ? 0 : getKmsKeyArn().hashCode()); hashCode = prime * hashCode + ((getEncryptionStatus() == null) ? 0 : getEncryptionStatus().hashCode()); hashCode = prime * hashCode + ((getInaccessibleKmsKeyDateTime() == null) ? 0 : getInaccessibleKmsKeyDateTime().hashCode()); return hashCode; } @Override public LedgerEncryptionDescription clone() { try { return (LedgerEncryptionDescription) super.clone(); } catch (CloneNotSupportedException e) { throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e); } } @com.amazonaws.annotation.SdkInternalApi @Override public void marshall(ProtocolMarshaller protocolMarshaller) { com.amazonaws.services.qldb.model.transform.LedgerEncryptionDescriptionMarshaller.getInstance().marshall(this, protocolMarshaller); } }