software.amazon.awssdk.services.kms.model

Class KeyMetadata

java.lang.Object

software.amazon.awssdk.services.kms.model.KeyMetadata

All Implemented Interfaces:

Serializable, SdkPojo, ToCopyableBuilder<KeyMetadata.Builder,KeyMetadata>

@Generated(value="software.amazon.awssdk:codegen")
public final class KeyMetadata
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<KeyMetadata.Builder,KeyMetadata>

Contains metadata about a customer master key (CMK).

This data type is used as a response element for the CreateKey and DescribeKey operations.

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	KeyMetadata.Builder

Method Summary

Modifier and Type	Method and Description
String	arn() The Amazon Resource Name (ARN) of the CMK.
String	awsAccountId() The twelve-digit account ID of the AWS account that owns the CMK.
static KeyMetadata.Builder	builder()
String	cloudHsmClusterId() The cluster ID of the AWS CloudHSM cluster that contains the key material for the CMK.
Instant	creationDate() The date and time when the CMK was created.
CustomerMasterKeySpec	customerMasterKeySpec() Describes the type of key material in the CMK.
String	customerMasterKeySpecAsString() Describes the type of key material in the CMK.
String	customKeyStoreId() A unique identifier for the custom key store that contains the CMK.
Instant	deletionDate() The date and time after which AWS KMS deletes the CMK.
String	description() The description of the CMK.
Boolean	enabled() Specifies whether the CMK is enabled.
List<EncryptionAlgorithmSpec>	encryptionAlgorithms() The encryption algorithms that the CMK supports.
List<String>	encryptionAlgorithmsAsStrings() The encryption algorithms that the CMK supports.
boolean	equals(Object obj)
boolean	equalsBySdkFields(Object obj) Indicates whether some other object is "equal to" this one by SDK fields.
ExpirationModelType	expirationModel() Specifies whether the CMK's key material expires.
String	expirationModelAsString() Specifies whether the CMK's key material expires.
<T> Optional<T>	getValueForField(String fieldName, Class<T> clazz)
boolean	hasEncryptionAlgorithms() Returns true if the EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
int	hashCode()
boolean	hasSigningAlgorithms() Returns true if the SigningAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
String	keyId() The globally unique identifier for the CMK.
KeyManagerType	keyManager() The manager of the CMK.
String	keyManagerAsString() The manager of the CMK.
KeyState	keyState() The current status of the CMK.
String	keyStateAsString() The current status of the CMK.
KeyUsageType	keyUsage() The cryptographic operations for which you can use the CMK.
String	keyUsageAsString() The cryptographic operations for which you can use the CMK.
OriginType	origin() The source of the CMK's key material.
String	originAsString() The source of the CMK's key material.
List<SdkField<?>>	sdkFields()
static Class<? extends KeyMetadata.Builder>	serializableBuilderClass()
List<SigningAlgorithmSpec>	signingAlgorithms() The signing algorithms that the CMK supports.
List<String>	signingAlgorithmsAsStrings() The signing algorithms that the CMK supports.
KeyMetadata.Builder	toBuilder() Take this object and create a builder that contains all of the current property values of this object.
String	toString() Returns a string representation of this object.
Instant	validTo() The time at which the imported key material expires.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

copy

Method Detail

awsAccountId

public final String awsAccountId()

The twelve-digit account ID of the AWS account that owns the CMK.

Returns:

The twelve-digit account ID of the AWS account that owns the CMK.

keyId

public final String keyId()

The globally unique identifier for the CMK.

Returns:

The globally unique identifier for the CMK.

arn

public final String arn()

The Amazon Resource Name (ARN) of the CMK. For examples, see AWS Key Management Service (AWS KMS) in the Example ARNs section of the AWS General Reference.

Returns:

The Amazon Resource Name (ARN) of the CMK. For examples, see AWS Key Management Service (AWS KMS) in the Example ARNs section of the AWS General Reference.

creationDate

public final Instant creationDate()

The date and time when the CMK was created.

Returns:

The date and time when the CMK was created.

enabled

public final Boolean enabled()

Specifies whether the CMK is enabled. When KeyState is Enabled this value is true, otherwise it is false.

Returns:

Specifies whether the CMK is enabled. When KeyState is Enabled this value is true, otherwise it is false.

description

public final String description()

The description of the CMK.

Returns:

The description of the CMK.

keyUsage

public final KeyUsageType keyUsage()

The cryptographic operations for which you can use the CMK.

If the service returns an enum value that is not available in the current SDK version, keyUsage will return KeyUsageType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyUsageAsString().

Returns:

The cryptographic operations for which you can use the CMK.

See Also:

KeyUsageType

keyUsageAsString

public final String keyUsageAsString()

The cryptographic operations for which you can use the CMK.

If the service returns an enum value that is not available in the current SDK version, keyUsage will return KeyUsageType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyUsageAsString().

Returns:

The cryptographic operations for which you can use the CMK.

See Also:

KeyUsageType

keyState

public final KeyState keyState()

The current status of the CMK.

For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.

If the service returns an enum value that is not available in the current SDK version, keyState will return KeyState.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyStateAsString().

Returns:

The current status of the CMK.

For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.

See Also:

KeyState

keyStateAsString

public final String keyStateAsString()

The current status of the CMK.

For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.

If the service returns an enum value that is not available in the current SDK version, keyState will return KeyState.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyStateAsString().

Returns:

The current status of the CMK.

For more information about how key state affects the use of a CMK, see Key state: Effect on your CMK in the AWS Key Management Service Developer Guide.

See Also:

KeyState

deletionDate

public final Instant deletionDate()

The date and time after which AWS KMS deletes the CMK. This value is present only when KeyState is PendingDeletion.

Returns:

The date and time after which AWS KMS deletes the CMK. This value is present only when KeyState is PendingDeletion.

validTo

public final Instant validTo()

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. This value is present only for CMKs whose Origin is EXTERNAL and whose ExpirationModel is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.

Returns:

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. This value is present only for CMKs whose Origin is EXTERNAL and whose ExpirationModel is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.

origin

public final OriginType origin()

The source of the CMK's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM, the key material was created in the AWS CloudHSM cluster associated with a custom key store.

If the service returns an enum value that is not available in the current SDK version, origin will return OriginType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from originAsString().

Returns:

The source of the CMK's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM, the key material was created in the AWS CloudHSM cluster associated with a custom key store.

See Also:

OriginType

originAsString

public final String originAsString()

The source of the CMK's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM, the key material was created in the AWS CloudHSM cluster associated with a custom key store.

If the service returns an enum value that is not available in the current SDK version, origin will return OriginType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from originAsString().

Returns:

The source of the CMK's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM, the key material was created in the AWS CloudHSM cluster associated with a custom key store.

See Also:

OriginType

customKeyStoreId

public final String customKeyStoreId()

A unique identifier for the custom key store that contains the CMK. This value is present only when the CMK is created in a custom key store.

Returns:

A unique identifier for the custom key store that contains the CMK. This value is present only when the CMK is created in a custom key store.

cloudHsmClusterId

public final String cloudHsmClusterId()

The cluster ID of the AWS CloudHSM cluster that contains the key material for the CMK. When you create a CMK in a custom key store, AWS KMS creates the key material for the CMK in the associated AWS CloudHSM cluster. This value is present only when the CMK is created in a custom key store.

Returns:

The cluster ID of the AWS CloudHSM cluster that contains the key material for the CMK. When you create a CMK in a custom key store, AWS KMS creates the key material for the CMK in the associated AWS CloudHSM cluster. This value is present only when the CMK is created in a custom key store.

expirationModel

public final ExpirationModelType expirationModel()

Specifies whether the CMK's key material expires. This value is present only when Origin is EXTERNAL, otherwise this value is omitted.

If the service returns an enum value that is not available in the current SDK version, expirationModel will return ExpirationModelType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from expirationModelAsString().

Returns:

Specifies whether the CMK's key material expires. This value is present only when Origin is EXTERNAL, otherwise this value is omitted.

See Also:

ExpirationModelType

expirationModelAsString

public final String expirationModelAsString()

Specifies whether the CMK's key material expires. This value is present only when Origin is EXTERNAL, otherwise this value is omitted.

If the service returns an enum value that is not available in the current SDK version, expirationModel will return ExpirationModelType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from expirationModelAsString().

Returns:

Specifies whether the CMK's key material expires. This value is present only when Origin is EXTERNAL, otherwise this value is omitted.

See Also:

ExpirationModelType

keyManager

public final KeyManagerType keyManager()

The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed. For more information about the difference, see Customer Master Keys in the AWS Key Management Service Developer Guide.

If the service returns an enum value that is not available in the current SDK version, keyManager will return KeyManagerType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyManagerAsString().

Returns:

The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed. For more information about the difference, see Customer Master Keys in the AWS Key Management Service Developer Guide.

See Also:

KeyManagerType

keyManagerAsString

public final String keyManagerAsString()

The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed. For more information about the difference, see Customer Master Keys in the AWS Key Management Service Developer Guide.

If the service returns an enum value that is not available in the current SDK version, keyManager will return KeyManagerType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyManagerAsString().

Returns:

The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed. For more information about the difference, see Customer Master Keys in the AWS Key Management Service Developer Guide.

See Also:

KeyManagerType

customerMasterKeySpec

public final CustomerMasterKeySpec customerMasterKeySpec()

Describes the type of key material in the CMK.

If the service returns an enum value that is not available in the current SDK version, customerMasterKeySpec will return CustomerMasterKeySpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from customerMasterKeySpecAsString().

Returns:

Describes the type of key material in the CMK.

See Also:

CustomerMasterKeySpec

customerMasterKeySpecAsString

public final String customerMasterKeySpecAsString()

Describes the type of key material in the CMK.

If the service returns an enum value that is not available in the current SDK version, customerMasterKeySpec will return CustomerMasterKeySpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from customerMasterKeySpecAsString().

Returns:

Describes the type of key material in the CMK.

See Also:

CustomerMasterKeySpec

encryptionAlgorithms

public final List<EncryptionAlgorithmSpec> encryptionAlgorithms()

The encryption algorithms that the CMK supports. You cannot use the CMK with other encryption algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is ENCRYPT_DECRYPT.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasEncryptionAlgorithms() to see if a value was sent in this field.

Returns:

The encryption algorithms that the CMK supports. You cannot use the CMK with other encryption algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is ENCRYPT_DECRYPT.

hasEncryptionAlgorithms

public final boolean hasEncryptionAlgorithms()

Returns true if the EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

encryptionAlgorithmsAsStrings

public final List<String> encryptionAlgorithmsAsStrings()

The encryption algorithms that the CMK supports. You cannot use the CMK with other encryption algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is ENCRYPT_DECRYPT.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasEncryptionAlgorithms() to see if a value was sent in this field.

Returns:

The encryption algorithms that the CMK supports. You cannot use the CMK with other encryption algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is ENCRYPT_DECRYPT.

signingAlgorithms

public final List<SigningAlgorithmSpec> signingAlgorithms()

The signing algorithms that the CMK supports. You cannot use the CMK with other signing algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is SIGN_VERIFY.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasSigningAlgorithms() to see if a value was sent in this field.

Returns:

The signing algorithms that the CMK supports. You cannot use the CMK with other signing algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is SIGN_VERIFY.

hasSigningAlgorithms

public final boolean hasSigningAlgorithms()

Returns true if the SigningAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

signingAlgorithmsAsStrings

public final List<String> signingAlgorithmsAsStrings()

The signing algorithms that the CMK supports. You cannot use the CMK with other signing algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is SIGN_VERIFY.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasSigningAlgorithms() to see if a value was sent in this field.

Returns:

The signing algorithms that the CMK supports. You cannot use the CMK with other signing algorithms within AWS KMS.

This field appears only when the KeyUsage of the CMK is SIGN_VERIFY.

toBuilder

public KeyMetadata.Builder toBuilder()

Description copied from interface: ToCopyableBuilder

Take this object and create a builder that contains all of the current property values of this object.

Specified by:

toBuilder in interface ToCopyableBuilder<KeyMetadata.Builder,KeyMetadata>

Returns:

a builder for type T

builder

public static KeyMetadata.Builder builder()

serializableBuilderClass

public static Class<? extends KeyMetadata.Builder> serializableBuilderClass()

hashCode

public final int hashCode()

Overrides:

hashCode in class Object

equals

public final boolean equals(Object obj)

Overrides:

equals in class Object

equalsBySdkFields

public final boolean equalsBySdkFields(Object obj)

Description copied from interface: SdkPojo

Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

Specified by:

equalsBySdkFields in interface SdkPojo

Parameters:

obj - the object to be compared with

Returns:

true if the other object equals to this object by sdk fields, false otherwise.

toString

public final String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

getValueForField

public final <T> Optional<T> getValueForField(String fieldName,
                                              Class<T> clazz)

sdkFields

public final List<SdkField<?>> sdkFields()

Specified by:

sdkFields in interface SdkPojo

Returns:

List of SdkField in this POJO. May be empty list but should never be null.