/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ /* * Do not modify this file. This file is generated from the firehose-2015-08-04.normal.json service model. */ using System; using System.Collections.Generic; using System.Xml.Serialization; using System.Text; using System.IO; using System.Net; using Amazon.Runtime; using Amazon.Runtime.Internal; namespace Amazon.KinesisFirehose.Model { ///

/// Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side /// Encryption (SSE). ///

public partial class DeliveryStreamEncryptionConfigurationInput { private string _keyARN; private KeyType _keyType; ///

/// Gets and sets the property KeyARN. /// /// If you set KeyType to CUSTOMER_MANAGED_CMK, you must specify /// the Amazon Resource Name (ARN) of the CMK. If you set KeyType to

Amazon
        /// Web Services_OWNED_CMK

, Kinesis Data Firehose uses a service-account CMK. /// ///

[AWSProperty(Min=1, Max=512)] public string KeyARN { get { return this._keyARN; } set { this._keyARN = value; } } // Check to see if KeyARN property is set internal bool IsSetKeyARN() { return this._keyARN != null; } ///

/// Gets and sets the property KeyType. /// /// Indicates the type of customer master key (CMK) to use for encryption. The default /// setting is Amazon Web Services_OWNED_CMK. For more information about /// CMKs, see Customer /// Master Keys (CMKs). When you invoke CreateDeliveryStream or StartDeliveryStreamEncryption /// with KeyType set to CUSTOMER_MANAGED_CMK, Kinesis Data Firehose invokes /// the Amazon KMS operation CreateGrant /// to create a grant that allows the Kinesis Data Firehose service to use the customer /// managed CMK to perform encryption and decryption. Kinesis Data Firehose manages that /// grant. /// /// /// /// When you invoke StartDeliveryStreamEncryption to change the CMK for a delivery /// stream that is encrypted with a customer managed CMK, Kinesis Data Firehose schedules /// the grant it had on the old CMK for retirement. /// /// /// /// You can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams. /// If a CreateDeliveryStream or StartDeliveryStreamEncryption operation /// exceeds this limit, Kinesis Data Firehose throws a LimitExceededException. /// /// /// /// /// To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't /// support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see /// About /// Symmetric and Asymmetric CMKs in the Amazon Web Services Key Management Service /// developer guide. /// /// ///

[AWSProperty(Required=true)] public KeyType KeyType { get { return this._keyType; } set { this._keyType = value; } } // Check to see if KeyType property is set internal bool IsSetKeyType() { return this._keyType != null; } } }