public class ReEncryptRequest extends AmazonWebServiceRequest implements java.io.Serializable
Encrypts data on the server side with a new customer master key (CMK) without exposing the plaintext of the data on the client side. The data is first decrypted and then reencrypted. You can also use this operation to change the encryption context of a ciphertext.
Unlike other operations, ReEncrypt
is authorized twice, once as
ReEncryptFrom
on the source CMK and once as
ReEncryptTo
on the destination CMK. We recommend that you
include the "kms:ReEncrypt*"
permission in your key
policies to permit reencryption from or to the CMK. This permission is
automatically included in the key policy when you create a CMK through the
console, but you must include it manually when you create a CMK
programmatically or when you set a key policy with the PutKeyPolicy
operation.
Constructor and Description |
---|
ReEncryptRequest() |
Modifier and Type | Method and Description |
---|---|
ReEncryptRequest |
addDestinationEncryptionContextEntry(java.lang.String key,
java.lang.String value)
Encryption context to use when the data is reencrypted.
|
ReEncryptRequest |
addSourceEncryptionContextEntry(java.lang.String key,
java.lang.String value)
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob parameter. |
ReEncryptRequest |
clearDestinationEncryptionContextEntries()
Removes all the entries added into DestinationEncryptionContext.
|
ReEncryptRequest |
clearSourceEncryptionContextEntries()
Removes all the entries added into SourceEncryptionContext.
|
boolean |
equals(java.lang.Object obj) |
java.nio.ByteBuffer |
getCiphertextBlob()
Ciphertext of the data to reencrypt.
|
java.util.Map<java.lang.String,java.lang.String> |
getDestinationEncryptionContext()
Encryption context to use when the data is reencrypted.
|
java.lang.String |
getDestinationKeyId()
A unique identifier for the CMK to use to reencrypt the data.
|
java.util.List<java.lang.String> |
getGrantTokens()
A list of grant tokens.
|
java.util.Map<java.lang.String,java.lang.String> |
getSourceEncryptionContext()
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob parameter. |
int |
hashCode() |
void |
setCiphertextBlob(java.nio.ByteBuffer ciphertextBlob)
Ciphertext of the data to reencrypt.
|
void |
setDestinationEncryptionContext(java.util.Map<java.lang.String,java.lang.String> destinationEncryptionContext)
Encryption context to use when the data is reencrypted.
|
void |
setDestinationKeyId(java.lang.String destinationKeyId)
A unique identifier for the CMK to use to reencrypt the data.
|
void |
setGrantTokens(java.util.Collection<java.lang.String> grantTokens)
A list of grant tokens.
|
void |
setSourceEncryptionContext(java.util.Map<java.lang.String,java.lang.String> sourceEncryptionContext)
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob parameter. |
java.lang.String |
toString()
Returns a string representation of this object; useful for testing and
debugging.
|
ReEncryptRequest |
withCiphertextBlob(java.nio.ByteBuffer ciphertextBlob)
Ciphertext of the data to reencrypt.
|
ReEncryptRequest |
withDestinationEncryptionContext(java.util.Map<java.lang.String,java.lang.String> destinationEncryptionContext)
Encryption context to use when the data is reencrypted.
|
ReEncryptRequest |
withDestinationKeyId(java.lang.String destinationKeyId)
A unique identifier for the CMK to use to reencrypt the data.
|
ReEncryptRequest |
withGrantTokens(java.util.Collection<java.lang.String> grantTokens)
A list of grant tokens.
|
ReEncryptRequest |
withGrantTokens(java.lang.String... grantTokens)
A list of grant tokens.
|
ReEncryptRequest |
withSourceEncryptionContext(java.util.Map<java.lang.String,java.lang.String> sourceEncryptionContext)
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob parameter. |
clone, getCloneRoot, getCloneSource, getGeneralProgressListener, getRequestClientOptions, getRequestCredentials, getRequestMetricCollector, setGeneralProgressListener, setRequestCredentials, setRequestMetricCollector, withGeneralProgressListener, withRequestMetricCollector
public java.nio.ByteBuffer getCiphertextBlob()
Ciphertext of the data to reencrypt.
Constraints:
Length: 1 - 6144
Ciphertext of the data to reencrypt.
public void setCiphertextBlob(java.nio.ByteBuffer ciphertextBlob)
Ciphertext of the data to reencrypt.
Constraints:
Length: 1 - 6144
ciphertextBlob
- Ciphertext of the data to reencrypt.
public ReEncryptRequest withCiphertextBlob(java.nio.ByteBuffer ciphertextBlob)
Ciphertext of the data to reencrypt.
Returns a reference to this object so that method calls can be chained together.
Constraints:
Length: 1 - 6144
ciphertextBlob
- Ciphertext of the data to reencrypt.
public java.util.Map<java.lang.String,java.lang.String> getSourceEncryptionContext()
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob
parameter.
Encryption context used to encrypt and decrypt the data specified
in the CiphertextBlob
parameter.
public void setSourceEncryptionContext(java.util.Map<java.lang.String,java.lang.String> sourceEncryptionContext)
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob
parameter.
sourceEncryptionContext
-
Encryption context used to encrypt and decrypt the data
specified in the CiphertextBlob
parameter.
public ReEncryptRequest withSourceEncryptionContext(java.util.Map<java.lang.String,java.lang.String> sourceEncryptionContext)
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob
parameter.
Returns a reference to this object so that method calls can be chained together.
sourceEncryptionContext
-
Encryption context used to encrypt and decrypt the data
specified in the CiphertextBlob
parameter.
public ReEncryptRequest addSourceEncryptionContextEntry(java.lang.String key, java.lang.String value)
Encryption context used to encrypt and decrypt the data specified in the
CiphertextBlob
parameter.
The method adds a new key-value pair into SourceEncryptionContext parameter, and returns a reference to this object so that method calls can be chained together.
key
- The key of the entry to be added into SourceEncryptionContext.value
- The corresponding value of the entry to be added into
SourceEncryptionContext.public ReEncryptRequest clearSourceEncryptionContextEntries()
Returns a reference to this object so that method calls can be chained together.
public java.lang.String getDestinationKeyId()
A unique identifier for the CMK to use to reencrypt the data. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by "alias/".
Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234 -1234-123456789012
Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Alias Name Example - alias/MyAliasName
Constraints:
Length: 1 - 256
A unique identifier for the CMK to use to reencrypt the data. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by "alias/".
Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678- 1234-1234-1234-123456789012
Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Alias Name Example - alias/MyAliasName
public void setDestinationKeyId(java.lang.String destinationKeyId)
A unique identifier for the CMK to use to reencrypt the data. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by "alias/".
Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234 -1234-123456789012
Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Alias Name Example - alias/MyAliasName
Constraints:
Length: 1 - 256
destinationKeyId
- A unique identifier for the CMK to use to reencrypt the data. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by "alias/".
Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678 -1234-1234-1234-123456789012
Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Alias Name Example - alias/MyAliasName
public ReEncryptRequest withDestinationKeyId(java.lang.String destinationKeyId)
A unique identifier for the CMK to use to reencrypt the data. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by "alias/".
Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234 -1234-123456789012
Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Alias Name Example - alias/MyAliasName
Returns a reference to this object so that method calls can be chained together.
Constraints:
Length: 1 - 256
destinationKeyId
- A unique identifier for the CMK to use to reencrypt the data. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by "alias/".
Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678 -1234-1234-1234-123456789012
Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Alias Name Example - alias/MyAliasName
public java.util.Map<java.lang.String,java.lang.String> getDestinationEncryptionContext()
Encryption context to use when the data is reencrypted.
Encryption context to use when the data is reencrypted.
public void setDestinationEncryptionContext(java.util.Map<java.lang.String,java.lang.String> destinationEncryptionContext)
Encryption context to use when the data is reencrypted.
destinationEncryptionContext
- Encryption context to use when the data is reencrypted.
public ReEncryptRequest withDestinationEncryptionContext(java.util.Map<java.lang.String,java.lang.String> destinationEncryptionContext)
Encryption context to use when the data is reencrypted.
Returns a reference to this object so that method calls can be chained together.
destinationEncryptionContext
- Encryption context to use when the data is reencrypted.
public ReEncryptRequest addDestinationEncryptionContextEntry(java.lang.String key, java.lang.String value)
Encryption context to use when the data is reencrypted.
The method adds a new key-value pair into DestinationEncryptionContext parameter, and returns a reference to this object so that method calls can be chained together.
key
- The key of the entry to be added into
DestinationEncryptionContext.value
- The corresponding value of the entry to be added into
DestinationEncryptionContext.public ReEncryptRequest clearDestinationEncryptionContextEntries()
Returns a reference to this object so that method calls can be chained together.
public java.util.List<java.lang.String> getGrantTokens()
A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
public void setGrantTokens(java.util.Collection<java.lang.String> grantTokens)
A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
grantTokens
- A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
public ReEncryptRequest withGrantTokens(java.lang.String... grantTokens)
A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
Returns a reference to this object so that method calls can be chained together.
grantTokens
- A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
public ReEncryptRequest withGrantTokens(java.util.Collection<java.lang.String> grantTokens)
A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
Returns a reference to this object so that method calls can be chained together.
grantTokens
- A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.
public java.lang.String toString()
toString
in class java.lang.Object
Object.toString()
public int hashCode()
hashCode
in class java.lang.Object
public boolean equals(java.lang.Object obj)
equals
in class java.lang.Object
Copyright © 2010 Amazon Web Services, Inc. All Rights Reserved.