@Generated(value="software.amazon.awssdk:codegen") public final class KeyMetadata extends Object implements SdkPojo, Serializable, ToCopyableBuilder<KeyMetadata.Builder,KeyMetadata>
Contains metadata about a customer master key (CMK).
This data type is used as a response element for the CreateKey and DescribeKey operations.
Modifier and Type | Class and Description |
---|---|
static interface |
KeyMetadata.Builder |
Modifier and Type | Method and Description |
---|---|
String |
arn()
The Amazon Resource Name (ARN) of the CMK.
|
String |
awsAccountId()
The twelve-digit account ID of the AWS account that owns the CMK.
|
static KeyMetadata.Builder |
builder() |
String |
cloudHsmClusterId()
The cluster ID of the AWS CloudHSM cluster that contains the key material for the CMK.
|
Instant |
creationDate()
The date and time when the CMK was created.
|
CustomerMasterKeySpec |
customerMasterKeySpec()
Describes the type of key material in the CMK.
|
String |
customerMasterKeySpecAsString()
Describes the type of key material in the CMK.
|
String |
customKeyStoreId()
A unique identifier for the custom key store
that contains the CMK.
|
Instant |
deletionDate()
The date and time after which AWS KMS deletes the CMK.
|
String |
description()
The description of the CMK.
|
Boolean |
enabled()
Specifies whether the CMK is enabled.
|
List<EncryptionAlgorithmSpec> |
encryptionAlgorithms()
The encryption algorithms that the CMK supports.
|
List<String> |
encryptionAlgorithmsAsStrings()
The encryption algorithms that the CMK supports.
|
boolean |
equals(Object obj) |
boolean |
equalsBySdkFields(Object obj)
Indicates whether some other object is "equal to" this one by SDK fields.
|
ExpirationModelType |
expirationModel()
Specifies whether the CMK's key material expires.
|
String |
expirationModelAsString()
Specifies whether the CMK's key material expires.
|
<T> Optional<T> |
getValueForField(String fieldName,
Class<T> clazz) |
boolean |
hasEncryptionAlgorithms()
Returns true if the EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the
sender did not specify the value (it will be empty).
|
int |
hashCode() |
boolean |
hasSigningAlgorithms()
Returns true if the SigningAlgorithms property was specified by the sender (it may be empty), or false if the
sender did not specify the value (it will be empty).
|
String |
keyId()
The globally unique identifier for the CMK.
|
KeyManagerType |
keyManager()
The manager of the CMK.
|
String |
keyManagerAsString()
The manager of the CMK.
|
KeyState |
keyState()
The current status of the CMK.
|
String |
keyStateAsString()
The current status of the CMK.
|
KeyUsageType |
keyUsage()
The
cryptographic operations for which you can use the CMK.
|
String |
keyUsageAsString()
The
cryptographic operations for which you can use the CMK.
|
OriginType |
origin()
The source of the CMK's key material.
|
String |
originAsString()
The source of the CMK's key material.
|
List<SdkField<?>> |
sdkFields() |
static Class<? extends KeyMetadata.Builder> |
serializableBuilderClass() |
List<SigningAlgorithmSpec> |
signingAlgorithms()
The signing algorithms that the CMK supports.
|
List<String> |
signingAlgorithmsAsStrings()
The signing algorithms that the CMK supports.
|
KeyMetadata.Builder |
toBuilder()
Take this object and create a builder that contains all of the current property values of this object.
|
String |
toString()
Returns a string representation of this object.
|
Instant |
validTo()
The time at which the imported key material expires.
|
copy
public final String awsAccountId()
The twelve-digit account ID of the AWS account that owns the CMK.
public final String keyId()
The globally unique identifier for the CMK.
public final String arn()
The Amazon Resource Name (ARN) of the CMK. For examples, see AWS Key Management Service (AWS KMS) in the Example ARNs section of the AWS General Reference.
public final Instant creationDate()
The date and time when the CMK was created.
public final Boolean enabled()
Specifies whether the CMK is enabled. When KeyState
is Enabled
this value is true,
otherwise it is false.
KeyState
is Enabled
this value is
true, otherwise it is false.public final String description()
The description of the CMK.
public final KeyUsageType keyUsage()
The cryptographic operations for which you can use the CMK.
If the service returns an enum value that is not available in the current SDK version, keyUsage
will
return KeyUsageType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
keyUsageAsString()
.
KeyUsageType
public final String keyUsageAsString()
The cryptographic operations for which you can use the CMK.
If the service returns an enum value that is not available in the current SDK version, keyUsage
will
return KeyUsageType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
keyUsageAsString()
.
KeyUsageType
public final KeyState keyState()
The current status of the CMK.
For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.
If the service returns an enum value that is not available in the current SDK version, keyState
will
return KeyState.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
keyStateAsString()
.
For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.
KeyState
public final String keyStateAsString()
The current status of the CMK.
For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.
If the service returns an enum value that is not available in the current SDK version, keyState
will
return KeyState.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
keyStateAsString()
.
For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.
KeyState
public final Instant deletionDate()
The date and time after which AWS KMS deletes the CMK. This value is present only when KeyState
is
PendingDeletion
.
KeyState
is PendingDeletion
.public final Instant validTo()
The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key
material and the CMK becomes unusable. This value is present only for CMKs whose Origin
is
EXTERNAL
and whose ExpirationModel
is KEY_MATERIAL_EXPIRES
, otherwise this
value is omitted.
Origin
is EXTERNAL
and whose ExpirationModel
is KEY_MATERIAL_EXPIRES
,
otherwise this value is omitted.public final OriginType origin()
The source of the CMK's key material. When this value is AWS_KMS
, AWS KMS created the key material.
When this value is EXTERNAL
, the key material was imported from your existing key management
infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM
, the key material was
created in the AWS CloudHSM cluster associated with a custom key store.
If the service returns an enum value that is not available in the current SDK version, origin
will
return OriginType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
originAsString()
.
AWS_KMS
, AWS KMS created the key
material. When this value is EXTERNAL
, the key material was imported from your existing key
management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM
,
the key material was created in the AWS CloudHSM cluster associated with a custom key store.OriginType
public final String originAsString()
The source of the CMK's key material. When this value is AWS_KMS
, AWS KMS created the key material.
When this value is EXTERNAL
, the key material was imported from your existing key management
infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM
, the key material was
created in the AWS CloudHSM cluster associated with a custom key store.
If the service returns an enum value that is not available in the current SDK version, origin
will
return OriginType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
originAsString()
.
AWS_KMS
, AWS KMS created the key
material. When this value is EXTERNAL
, the key material was imported from your existing key
management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM
,
the key material was created in the AWS CloudHSM cluster associated with a custom key store.OriginType
public final String customKeyStoreId()
A unique identifier for the custom key store that contains the CMK. This value is present only when the CMK is created in a custom key store.
public final String cloudHsmClusterId()
The cluster ID of the AWS CloudHSM cluster that contains the key material for the CMK. When you create a CMK in a custom key store, AWS KMS creates the key material for the CMK in the associated AWS CloudHSM cluster. This value is present only when the CMK is created in a custom key store.
public final ExpirationModelType expirationModel()
Specifies whether the CMK's key material expires. This value is present only when Origin
is
EXTERNAL
, otherwise this value is omitted.
If the service returns an enum value that is not available in the current SDK version, expirationModel
will return ExpirationModelType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is
available from expirationModelAsString()
.
Origin
is
EXTERNAL
, otherwise this value is omitted.ExpirationModelType
public final String expirationModelAsString()
Specifies whether the CMK's key material expires. This value is present only when Origin
is
EXTERNAL
, otherwise this value is omitted.
If the service returns an enum value that is not available in the current SDK version, expirationModel
will return ExpirationModelType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is
available from expirationModelAsString()
.
Origin
is
EXTERNAL
, otherwise this value is omitted.ExpirationModelType
public final KeyManagerType keyManager()
The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed. For more information about the difference, see Customer Master Keys in the AWS Key Management Service Developer Guide.
If the service returns an enum value that is not available in the current SDK version, keyManager
will
return KeyManagerType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
keyManagerAsString()
.
KeyManagerType
public final String keyManagerAsString()
The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed. For more information about the difference, see Customer Master Keys in the AWS Key Management Service Developer Guide.
If the service returns an enum value that is not available in the current SDK version, keyManager
will
return KeyManagerType.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available from
keyManagerAsString()
.
KeyManagerType
public final CustomerMasterKeySpec customerMasterKeySpec()
Describes the type of key material in the CMK.
If the service returns an enum value that is not available in the current SDK version,
customerMasterKeySpec
will return CustomerMasterKeySpec.UNKNOWN_TO_SDK_VERSION
. The raw value
returned by the service is available from customerMasterKeySpecAsString()
.
CustomerMasterKeySpec
public final String customerMasterKeySpecAsString()
Describes the type of key material in the CMK.
If the service returns an enum value that is not available in the current SDK version,
customerMasterKeySpec
will return CustomerMasterKeySpec.UNKNOWN_TO_SDK_VERSION
. The raw value
returned by the service is available from customerMasterKeySpecAsString()
.
CustomerMasterKeySpec
public final List<EncryptionAlgorithmSpec> encryptionAlgorithms()
The encryption algorithms that the CMK supports. You cannot use the CMK with other encryption algorithms within AWS KMS.
This field appears only when the KeyUsage
of the CMK is ENCRYPT_DECRYPT
.
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
You can use hasEncryptionAlgorithms()
to see if a value was sent in this field.
This field appears only when the KeyUsage
of the CMK is ENCRYPT_DECRYPT
.
public final boolean hasEncryptionAlgorithms()
public final List<String> encryptionAlgorithmsAsStrings()
The encryption algorithms that the CMK supports. You cannot use the CMK with other encryption algorithms within AWS KMS.
This field appears only when the KeyUsage
of the CMK is ENCRYPT_DECRYPT
.
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
You can use hasEncryptionAlgorithms()
to see if a value was sent in this field.
This field appears only when the KeyUsage
of the CMK is ENCRYPT_DECRYPT
.
public final List<SigningAlgorithmSpec> signingAlgorithms()
The signing algorithms that the CMK supports. You cannot use the CMK with other signing algorithms within AWS KMS.
This field appears only when the KeyUsage
of the CMK is SIGN_VERIFY
.
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
You can use hasSigningAlgorithms()
to see if a value was sent in this field.
This field appears only when the KeyUsage
of the CMK is SIGN_VERIFY
.
public final boolean hasSigningAlgorithms()
public final List<String> signingAlgorithmsAsStrings()
The signing algorithms that the CMK supports. You cannot use the CMK with other signing algorithms within AWS KMS.
This field appears only when the KeyUsage
of the CMK is SIGN_VERIFY
.
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
You can use hasSigningAlgorithms()
to see if a value was sent in this field.
This field appears only when the KeyUsage
of the CMK is SIGN_VERIFY
.
public KeyMetadata.Builder toBuilder()
ToCopyableBuilder
toBuilder
in interface ToCopyableBuilder<KeyMetadata.Builder,KeyMetadata>
public static KeyMetadata.Builder builder()
public static Class<? extends KeyMetadata.Builder> serializableBuilderClass()
public final boolean equalsBySdkFields(Object obj)
SdkPojo
SdkPojo
class,
and is generated based on a service model.
If an SdkPojo
class does not have any inherited fields, equalsBySdkFields
and equals
are essentially the same.
equalsBySdkFields
in interface SdkPojo
obj
- the object to be compared withpublic final String toString()
Copyright © 2021 Amazon Web Services, Inc. All Rights Reserved.