AWS SDK for C++  1.8.95
AWS SDK for C++
Public Member Functions | List of all members
Aws::KMS::Model::ReEncryptRequest Class Reference

#include <ReEncryptRequest.h>

+ Inheritance diagram for Aws::KMS::Model::ReEncryptRequest:

Public Member Functions

 ReEncryptRequest ()
 
virtual const char * GetServiceRequestName () const override
 
Aws::String SerializePayload () const override
 
Aws::Http::HeaderValueCollection GetRequestSpecificHeaders () const override
 
const Aws::Utils::ByteBufferGetCiphertextBlob () const
 
bool CiphertextBlobHasBeenSet () const
 
void SetCiphertextBlob (const Aws::Utils::ByteBuffer &value)
 
void SetCiphertextBlob (Aws::Utils::ByteBuffer &&value)
 
ReEncryptRequestWithCiphertextBlob (const Aws::Utils::ByteBuffer &value)
 
ReEncryptRequestWithCiphertextBlob (Aws::Utils::ByteBuffer &&value)
 
const Aws::Map< Aws::String, Aws::String > & GetSourceEncryptionContext () const
 
bool SourceEncryptionContextHasBeenSet () const
 
void SetSourceEncryptionContext (const Aws::Map< Aws::String, Aws::String > &value)
 
void SetSourceEncryptionContext (Aws::Map< Aws::String, Aws::String > &&value)
 
ReEncryptRequestWithSourceEncryptionContext (const Aws::Map< Aws::String, Aws::String > &value)
 
ReEncryptRequestWithSourceEncryptionContext (Aws::Map< Aws::String, Aws::String > &&value)
 
ReEncryptRequestAddSourceEncryptionContext (const Aws::String &key, const Aws::String &value)
 
ReEncryptRequestAddSourceEncryptionContext (Aws::String &&key, const Aws::String &value)
 
ReEncryptRequestAddSourceEncryptionContext (const Aws::String &key, Aws::String &&value)
 
ReEncryptRequestAddSourceEncryptionContext (Aws::String &&key, Aws::String &&value)
 
ReEncryptRequestAddSourceEncryptionContext (const char *key, Aws::String &&value)
 
ReEncryptRequestAddSourceEncryptionContext (Aws::String &&key, const char *value)
 
ReEncryptRequestAddSourceEncryptionContext (const char *key, const char *value)
 
const Aws::StringGetSourceKeyId () const
 
bool SourceKeyIdHasBeenSet () const
 
void SetSourceKeyId (const Aws::String &value)
 
void SetSourceKeyId (Aws::String &&value)
 
void SetSourceKeyId (const char *value)
 
ReEncryptRequestWithSourceKeyId (const Aws::String &value)
 
ReEncryptRequestWithSourceKeyId (Aws::String &&value)
 
ReEncryptRequestWithSourceKeyId (const char *value)
 
const Aws::StringGetDestinationKeyId () const
 
bool DestinationKeyIdHasBeenSet () const
 
void SetDestinationKeyId (const Aws::String &value)
 
void SetDestinationKeyId (Aws::String &&value)
 
void SetDestinationKeyId (const char *value)
 
ReEncryptRequestWithDestinationKeyId (const Aws::String &value)
 
ReEncryptRequestWithDestinationKeyId (Aws::String &&value)
 
ReEncryptRequestWithDestinationKeyId (const char *value)
 
const Aws::Map< Aws::String, Aws::String > & GetDestinationEncryptionContext () const
 
bool DestinationEncryptionContextHasBeenSet () const
 
void SetDestinationEncryptionContext (const Aws::Map< Aws::String, Aws::String > &value)
 
void SetDestinationEncryptionContext (Aws::Map< Aws::String, Aws::String > &&value)
 
ReEncryptRequestWithDestinationEncryptionContext (const Aws::Map< Aws::String, Aws::String > &value)
 
ReEncryptRequestWithDestinationEncryptionContext (Aws::Map< Aws::String, Aws::String > &&value)
 
ReEncryptRequestAddDestinationEncryptionContext (const Aws::String &key, const Aws::String &value)
 
ReEncryptRequestAddDestinationEncryptionContext (Aws::String &&key, const Aws::String &value)
 
ReEncryptRequestAddDestinationEncryptionContext (const Aws::String &key, Aws::String &&value)
 
ReEncryptRequestAddDestinationEncryptionContext (Aws::String &&key, Aws::String &&value)
 
ReEncryptRequestAddDestinationEncryptionContext (const char *key, Aws::String &&value)
 
ReEncryptRequestAddDestinationEncryptionContext (Aws::String &&key, const char *value)
 
ReEncryptRequestAddDestinationEncryptionContext (const char *key, const char *value)
 
const EncryptionAlgorithmSpecGetSourceEncryptionAlgorithm () const
 
bool SourceEncryptionAlgorithmHasBeenSet () const
 
void SetSourceEncryptionAlgorithm (const EncryptionAlgorithmSpec &value)
 
void SetSourceEncryptionAlgorithm (EncryptionAlgorithmSpec &&value)
 
ReEncryptRequestWithSourceEncryptionAlgorithm (const EncryptionAlgorithmSpec &value)
 
ReEncryptRequestWithSourceEncryptionAlgorithm (EncryptionAlgorithmSpec &&value)
 
const EncryptionAlgorithmSpecGetDestinationEncryptionAlgorithm () const
 
bool DestinationEncryptionAlgorithmHasBeenSet () const
 
void SetDestinationEncryptionAlgorithm (const EncryptionAlgorithmSpec &value)
 
void SetDestinationEncryptionAlgorithm (EncryptionAlgorithmSpec &&value)
 
ReEncryptRequestWithDestinationEncryptionAlgorithm (const EncryptionAlgorithmSpec &value)
 
ReEncryptRequestWithDestinationEncryptionAlgorithm (EncryptionAlgorithmSpec &&value)
 
const Aws::Vector< Aws::String > & GetGrantTokens () const
 
bool GrantTokensHasBeenSet () const
 
void SetGrantTokens (const Aws::Vector< Aws::String > &value)
 
void SetGrantTokens (Aws::Vector< Aws::String > &&value)
 
ReEncryptRequestWithGrantTokens (const Aws::Vector< Aws::String > &value)
 
ReEncryptRequestWithGrantTokens (Aws::Vector< Aws::String > &&value)
 
ReEncryptRequestAddGrantTokens (const Aws::String &value)
 
ReEncryptRequestAddGrantTokens (Aws::String &&value)
 
ReEncryptRequestAddGrantTokens (const char *value)
 
- Public Member Functions inherited from Aws::KMS::KMSRequest
virtual ~KMSRequest ()
 
void AddParametersToRequest (Aws::Http::HttpRequest &httpRequest) const
 
Aws::Http::HeaderValueCollection GetHeaders () const override
 
- Public Member Functions inherited from Aws::AmazonSerializableWebServiceRequest
 AmazonSerializableWebServiceRequest ()
 
virtual ~AmazonSerializableWebServiceRequest ()
 
std::shared_ptr< Aws::IOStreamGetBody () const override
 
- Public Member Functions inherited from Aws::AmazonWebServiceRequest
 AmazonWebServiceRequest ()
 
virtual ~AmazonWebServiceRequest ()=default
 
virtual void AddQueryStringParameters (Aws::Http::URI &uri) const
 
virtual void PutToPresignedUrl (Aws::Http::URI &uri) const
 
virtual bool IsStreaming () const
 
virtual bool IsEventStreamRequest () const
 
virtual bool SignBody () const
 
virtual bool IsChunked () const
 
virtual void SetRequestSignedHandler (const RequestSignedHandler &handler)
 
virtual const RequestSignedHandlerGetRequestSignedHandler () const
 
const Aws::IOStreamFactoryGetResponseStreamFactory () const
 
void SetResponseStreamFactory (const Aws::IOStreamFactory &factory)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 
virtual const Aws::Http::DataReceivedEventHandlerGetDataReceivedEventHandler () const
 
virtual const Aws::Http::DataSentEventHandlerGetDataSentEventHandler () const
 
virtual const Aws::Http::ContinueRequestHandlerGetContinueRequestHandler () const
 
virtual const RequestRetryHandlerGetRequestRetryHandler () const
 
virtual bool ShouldComputeContentMd5 () const
 

Additional Inherited Members

- Protected Member Functions inherited from Aws::AmazonWebServiceRequest
virtual void DumpBodyToUrl (Aws::Http::URI &uri) const
 

Detailed Description

Definition at line 25 of file ReEncryptRequest.h.

Constructor & Destructor Documentation

◆ ReEncryptRequest()

Aws::KMS::Model::ReEncryptRequest::ReEncryptRequest ( )

Member Function Documentation

◆ AddDestinationEncryptionContext() [1/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( const Aws::String key,
const Aws::String value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 696 of file ReEncryptRequest.h.

◆ AddDestinationEncryptionContext() [2/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( Aws::String &&  key,
const Aws::String value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 711 of file ReEncryptRequest.h.

◆ AddDestinationEncryptionContext() [3/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( const Aws::String key,
Aws::String &&  value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 726 of file ReEncryptRequest.h.

◆ AddDestinationEncryptionContext() [4/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( Aws::String &&  key,
Aws::String &&  value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 741 of file ReEncryptRequest.h.

◆ AddDestinationEncryptionContext() [5/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( const char *  key,
Aws::String &&  value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 756 of file ReEncryptRequest.h.

◆ AddDestinationEncryptionContext() [6/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( Aws::String &&  key,
const char *  value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 771 of file ReEncryptRequest.h.

◆ AddDestinationEncryptionContext() [7/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddDestinationEncryptionContext ( const char *  key,
const char *  value 
)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 786 of file ReEncryptRequest.h.

◆ AddGrantTokens() [1/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddGrantTokens ( const Aws::String value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 952 of file ReEncryptRequest.h.

◆ AddGrantTokens() [2/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddGrantTokens ( Aws::String &&  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 959 of file ReEncryptRequest.h.

◆ AddGrantTokens() [3/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddGrantTokens ( const char *  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 966 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [1/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( const Aws::String key,
const Aws::String value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 168 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [2/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( Aws::String &&  key,
const Aws::String value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 182 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [3/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( const Aws::String key,
Aws::String &&  value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 196 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [4/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( Aws::String &&  key,
Aws::String &&  value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 210 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [5/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( const char *  key,
Aws::String &&  value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 224 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [6/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( Aws::String &&  key,
const char *  value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 238 of file ReEncryptRequest.h.

◆ AddSourceEncryptionContext() [7/7]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::AddSourceEncryptionContext ( const char *  key,
const char *  value 
)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 252 of file ReEncryptRequest.h.

◆ CiphertextBlobHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::CiphertextBlobHasBeenSet ( ) const
inline

Ciphertext of the data to reencrypt.

Definition at line 49 of file ReEncryptRequest.h.

◆ DestinationEncryptionAlgorithmHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::DestinationEncryptionAlgorithmHasBeenSet ( ) const
inline

Specifies the encryption algorithm that AWS KMS will use to reecrypt the data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric CMKs.

This parameter is required only when the destination CMK is an asymmetric CMK.

Definition at line 870 of file ReEncryptRequest.h.

◆ DestinationEncryptionContextHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::DestinationEncryptionContextHasBeenSet ( ) const
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 621 of file ReEncryptRequest.h.

◆ DestinationKeyIdHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::DestinationKeyIdHasBeenSet ( ) const
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 476 of file ReEncryptRequest.h.

◆ GetCiphertextBlob()

const Aws::Utils::ByteBuffer& Aws::KMS::Model::ReEncryptRequest::GetCiphertextBlob ( ) const
inline

Ciphertext of the data to reencrypt.

Definition at line 44 of file ReEncryptRequest.h.

◆ GetDestinationEncryptionAlgorithm()

const EncryptionAlgorithmSpec& Aws::KMS::Model::ReEncryptRequest::GetDestinationEncryptionAlgorithm ( ) const
inline

Specifies the encryption algorithm that AWS KMS will use to reecrypt the data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric CMKs.

This parameter is required only when the destination CMK is an asymmetric CMK.

Definition at line 862 of file ReEncryptRequest.h.

◆ GetDestinationEncryptionContext()

const Aws::Map<Aws::String, Aws::String>& Aws::KMS::Model::ReEncryptRequest::GetDestinationEncryptionContext ( ) const
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 606 of file ReEncryptRequest.h.

◆ GetDestinationKeyId()

const Aws::String& Aws::KMS::Model::ReEncryptRequest::GetDestinationKeyId ( ) const
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 457 of file ReEncryptRequest.h.

◆ GetGrantTokens()

const Aws::Vector<Aws::String>& Aws::KMS::Model::ReEncryptRequest::GetGrantTokens ( ) const
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 910 of file ReEncryptRequest.h.

◆ GetRequestSpecificHeaders()

Aws::Http::HeaderValueCollection Aws::KMS::Model::ReEncryptRequest::GetRequestSpecificHeaders ( ) const
overridevirtual

Reimplemented from Aws::KMS::KMSRequest.

◆ GetServiceRequestName()

virtual const char* Aws::KMS::Model::ReEncryptRequest::GetServiceRequestName ( ) const
inlineoverridevirtual

Implements Aws::AmazonWebServiceRequest.

Definition at line 34 of file ReEncryptRequest.h.

◆ GetSourceEncryptionAlgorithm()

const EncryptionAlgorithmSpec& Aws::KMS::Model::ReEncryptRequest::GetSourceEncryptionAlgorithm ( ) const
inline

Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric CMKs.

Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the decrypt attempt fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK.

Definition at line 798 of file ReEncryptRequest.h.

◆ GetSourceEncryptionContext()

const Aws::Map<Aws::String, Aws::String>& Aws::KMS::Model::ReEncryptRequest::GetSourceEncryptionContext ( ) const
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 84 of file ReEncryptRequest.h.

◆ GetSourceKeyId()

const Aws::String& Aws::KMS::Model::ReEncryptRequest::GetSourceKeyId ( ) const
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 276 of file ReEncryptRequest.h.

◆ GrantTokensHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::GrantTokensHasBeenSet ( ) const
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 917 of file ReEncryptRequest.h.

◆ SerializePayload()

Aws::String Aws::KMS::Model::ReEncryptRequest::SerializePayload ( ) const
overridevirtual

Convert payload into String.

Implements Aws::AmazonSerializableWebServiceRequest.

◆ SetCiphertextBlob() [1/2]

void Aws::KMS::Model::ReEncryptRequest::SetCiphertextBlob ( const Aws::Utils::ByteBuffer value)
inline

Ciphertext of the data to reencrypt.

Definition at line 54 of file ReEncryptRequest.h.

◆ SetCiphertextBlob() [2/2]

void Aws::KMS::Model::ReEncryptRequest::SetCiphertextBlob ( Aws::Utils::ByteBuffer &&  value)
inline

Ciphertext of the data to reencrypt.

Definition at line 59 of file ReEncryptRequest.h.

◆ SetDestinationEncryptionAlgorithm() [1/2]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationEncryptionAlgorithm ( const EncryptionAlgorithmSpec value)
inline

Specifies the encryption algorithm that AWS KMS will use to reecrypt the data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric CMKs.

This parameter is required only when the destination CMK is an asymmetric CMK.

Definition at line 878 of file ReEncryptRequest.h.

◆ SetDestinationEncryptionAlgorithm() [2/2]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationEncryptionAlgorithm ( EncryptionAlgorithmSpec &&  value)
inline

Specifies the encryption algorithm that AWS KMS will use to reecrypt the data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric CMKs.

This parameter is required only when the destination CMK is an asymmetric CMK.

Definition at line 886 of file ReEncryptRequest.h.

◆ SetDestinationEncryptionContext() [1/2]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationEncryptionContext ( const Aws::Map< Aws::String, Aws::String > &  value)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 636 of file ReEncryptRequest.h.

◆ SetDestinationEncryptionContext() [2/2]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationEncryptionContext ( Aws::Map< Aws::String, Aws::String > &&  value)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 651 of file ReEncryptRequest.h.

◆ SetDestinationKeyId() [1/3]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationKeyId ( const Aws::String value)
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 495 of file ReEncryptRequest.h.

◆ SetDestinationKeyId() [2/3]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationKeyId ( Aws::String &&  value)
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 514 of file ReEncryptRequest.h.

◆ SetDestinationKeyId() [3/3]

void Aws::KMS::Model::ReEncryptRequest::SetDestinationKeyId ( const char *  value)
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 533 of file ReEncryptRequest.h.

◆ SetGrantTokens() [1/2]

void Aws::KMS::Model::ReEncryptRequest::SetGrantTokens ( const Aws::Vector< Aws::String > &  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 924 of file ReEncryptRequest.h.

◆ SetGrantTokens() [2/2]

void Aws::KMS::Model::ReEncryptRequest::SetGrantTokens ( Aws::Vector< Aws::String > &&  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 931 of file ReEncryptRequest.h.

◆ SetSourceEncryptionAlgorithm() [1/2]

void Aws::KMS::Model::ReEncryptRequest::SetSourceEncryptionAlgorithm ( const EncryptionAlgorithmSpec value)
inline

Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric CMKs.

Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the decrypt attempt fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK.

Definition at line 820 of file ReEncryptRequest.h.

◆ SetSourceEncryptionAlgorithm() [2/2]

void Aws::KMS::Model::ReEncryptRequest::SetSourceEncryptionAlgorithm ( EncryptionAlgorithmSpec &&  value)
inline

Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric CMKs.

Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the decrypt attempt fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK.

Definition at line 831 of file ReEncryptRequest.h.

◆ SetSourceEncryptionContext() [1/2]

void Aws::KMS::Model::ReEncryptRequest::SetSourceEncryptionContext ( const Aws::Map< Aws::String, Aws::String > &  value)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 112 of file ReEncryptRequest.h.

◆ SetSourceEncryptionContext() [2/2]

void Aws::KMS::Model::ReEncryptRequest::SetSourceEncryptionContext ( Aws::Map< Aws::String, Aws::String > &&  value)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 126 of file ReEncryptRequest.h.

◆ SetSourceKeyId() [1/3]

void Aws::KMS::Model::ReEncryptRequest::SetSourceKeyId ( const Aws::String value)
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 322 of file ReEncryptRequest.h.

◆ SetSourceKeyId() [2/3]

void Aws::KMS::Model::ReEncryptRequest::SetSourceKeyId ( Aws::String &&  value)
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 345 of file ReEncryptRequest.h.

◆ SetSourceKeyId() [3/3]

void Aws::KMS::Model::ReEncryptRequest::SetSourceKeyId ( const char *  value)
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 368 of file ReEncryptRequest.h.

◆ SourceEncryptionAlgorithmHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::SourceEncryptionAlgorithmHasBeenSet ( ) const
inline

Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric CMKs.

Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the decrypt attempt fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK.

Definition at line 809 of file ReEncryptRequest.h.

◆ SourceEncryptionContextHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::SourceEncryptionContextHasBeenSet ( ) const
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 98 of file ReEncryptRequest.h.

◆ SourceKeyIdHasBeenSet()

bool Aws::KMS::Model::ReEncryptRequest::SourceKeyIdHasBeenSet ( ) const
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 299 of file ReEncryptRequest.h.

◆ WithCiphertextBlob() [1/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithCiphertextBlob ( const Aws::Utils::ByteBuffer value)
inline

Ciphertext of the data to reencrypt.

Definition at line 64 of file ReEncryptRequest.h.

◆ WithCiphertextBlob() [2/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithCiphertextBlob ( Aws::Utils::ByteBuffer &&  value)
inline

Ciphertext of the data to reencrypt.

Definition at line 69 of file ReEncryptRequest.h.

◆ WithDestinationEncryptionAlgorithm() [1/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationEncryptionAlgorithm ( const EncryptionAlgorithmSpec value)
inline

Specifies the encryption algorithm that AWS KMS will use to reecrypt the data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric CMKs.

This parameter is required only when the destination CMK is an asymmetric CMK.

Definition at line 894 of file ReEncryptRequest.h.

◆ WithDestinationEncryptionAlgorithm() [2/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationEncryptionAlgorithm ( EncryptionAlgorithmSpec &&  value)
inline

Specifies the encryption algorithm that AWS KMS will use to reecrypt the data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption algorithm used for symmetric CMKs.

This parameter is required only when the destination CMK is an asymmetric CMK.

Definition at line 902 of file ReEncryptRequest.h.

◆ WithDestinationEncryptionContext() [1/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationEncryptionContext ( const Aws::Map< Aws::String, Aws::String > &  value)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 666 of file ReEncryptRequest.h.

◆ WithDestinationEncryptionContext() [2/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationEncryptionContext ( Aws::Map< Aws::String, Aws::String > &&  value)
inline

Specifies that encryption context to use when the reencrypting the data.

A destination encryption context is valid only when the destination CMK is a symmetric CMK. The standard ciphertext format for asymmetric CMKs does not include fields for metadata.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 681 of file ReEncryptRequest.h.

◆ WithDestinationKeyId() [1/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationKeyId ( const Aws::String value)
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 552 of file ReEncryptRequest.h.

◆ WithDestinationKeyId() [2/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationKeyId ( Aws::String &&  value)
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 571 of file ReEncryptRequest.h.

◆ WithDestinationKeyId() [3/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithDestinationKeyId ( const char *  value)
inline

A unique identifier for the CMK that is used to reencrypt the data. Specify a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To find the KeyUsage value of a CMK, use the DescribeKey operation.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 590 of file ReEncryptRequest.h.

◆ WithGrantTokens() [1/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithGrantTokens ( const Aws::Vector< Aws::String > &  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 938 of file ReEncryptRequest.h.

◆ WithGrantTokens() [2/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithGrantTokens ( Aws::Vector< Aws::String > &&  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 945 of file ReEncryptRequest.h.

◆ WithSourceEncryptionAlgorithm() [1/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceEncryptionAlgorithm ( const EncryptionAlgorithmSpec value)
inline

Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric CMKs.

Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the decrypt attempt fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK.

Definition at line 842 of file ReEncryptRequest.h.

◆ WithSourceEncryptionAlgorithm() [2/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceEncryptionAlgorithm ( EncryptionAlgorithmSpec &&  value)
inline

Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm used for symmetric CMKs.

Specify the same algorithm that was used to encrypt the ciphertext. If you specify a different algorithm, the decrypt attempt fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK.

Definition at line 853 of file ReEncryptRequest.h.

◆ WithSourceEncryptionContext() [1/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceEncryptionContext ( const Aws::Map< Aws::String, Aws::String > &  value)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 140 of file ReEncryptRequest.h.

◆ WithSourceEncryptionContext() [2/2]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceEncryptionContext ( Aws::Map< Aws::String, Aws::String > &&  value)
inline

Specifies the encryption context to use to decrypt the ciphertext. Enter the same encryption context that was used to encrypt the ciphertext.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 154 of file ReEncryptRequest.h.

◆ WithSourceKeyId() [1/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceKeyId ( const Aws::String value)
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 391 of file ReEncryptRequest.h.

◆ WithSourceKeyId() [2/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceKeyId ( Aws::String &&  value)
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 414 of file ReEncryptRequest.h.

◆ WithSourceKeyId() [3/3]

ReEncryptRequest& Aws::KMS::Model::ReEncryptRequest::WithSourceKeyId ( const char *  value)
inline

A unique identifier for the CMK that is used to decrypt the ciphertext before it reencrypts it using the destination CMK.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext before it is reencrypted.

If you specify a KeyId value, the decrypt part of the ReEncrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 437 of file ReEncryptRequest.h.


The documentation for this class was generated from the following file: