/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include #include namespace Aws { namespace KMS { namespace Model { /** */ class AWS_KMS_API EncryptRequest : public KMSRequest { public: EncryptRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "Encrypt"; } Aws::String SerializePayload() const override; Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline const Aws::String& GetKeyId() const{ return m_keyId; } /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline bool KeyIdHasBeenSet() const { return m_keyIdHasBeenSet; } /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetKeyId(const Aws::String& value) { m_keyIdHasBeenSet = true; m_keyId = value; } /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetKeyId(Aws::String&& value) { m_keyIdHasBeenSet = true; m_keyId = std::move(value); } /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetKeyId(const char* value) { m_keyIdHasBeenSet = true; m_keyId.assign(value); } /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline EncryptRequest& WithKeyId(const Aws::String& value) { SetKeyId(value); return *this;} /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline EncryptRequest& WithKeyId(Aws::String&& value) { SetKeyId(std::move(value)); return *this;} /** *

A unique identifier for the customer master key (CMK).

To specify a * CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When * using an alias name, prefix it with "alias/". To specify a CMK in a * different AWS account, you must use the key ARN or alias ARN.

For * example:

  • Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *

  • Alias name: alias/ExampleAlias

  • *

    Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline EncryptRequest& WithKeyId(const char* value) { SetKeyId(value); return *this;} /** *

Data to be encrypted.

*/ inline const Aws::Utils::CryptoBuffer& GetPlaintext() const{ return m_plaintext; } /** *

Data to be encrypted.

*/ inline bool PlaintextHasBeenSet() const { return m_plaintextHasBeenSet; } /** *

Data to be encrypted.

*/ inline void SetPlaintext(const Aws::Utils::CryptoBuffer& value) { m_plaintextHasBeenSet = true; m_plaintext = value; } /** *

Data to be encrypted.

*/ inline void SetPlaintext(Aws::Utils::CryptoBuffer&& value) { m_plaintextHasBeenSet = true; m_plaintext = std::move(value); } /** *

Data to be encrypted.

*/ inline EncryptRequest& WithPlaintext(const Aws::Utils::CryptoBuffer& value) { SetPlaintext(value); return *this;} /** *

Data to be encrypted.

*/ inline EncryptRequest& WithPlaintext(Aws::Utils::CryptoBuffer&& value) { SetPlaintext(std::move(value)); return *this;} /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline const Aws::Map& GetEncryptionContext() const{ return m_encryptionContext; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline bool EncryptionContextHasBeenSet() const { return m_encryptionContextHasBeenSet; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline void SetEncryptionContext(const Aws::Map& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext = value; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline void SetEncryptionContext(Aws::Map&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext = std::move(value); } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& WithEncryptionContext(const Aws::Map& value) { SetEncryptionContext(value); return *this;} /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& WithEncryptionContext(Aws::Map&& value) { SetEncryptionContext(std::move(value)); return *this;} /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(const Aws::String& key, const Aws::String& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, value); return *this; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(Aws::String&& key, const Aws::String& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(const Aws::String& key, Aws::String&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(Aws::String&& key, Aws::String&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(std::move(key), std::move(value)); return *this; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(const char* key, Aws::String&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(Aws::String&& key, const char* value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies the encryption context that will be used to encrypt the data. An * encryption context is valid only for cryptographic * operations with a symmetric CMK. The standard asymmetric encryption * algorithms that AWS KMS uses do not support an encryption context.

An * encryption context is a collection of non-secret key-value pairs that * represents additional authenticated data. When you use an encryption context to * encrypt data, you must specify the same (an exact case-sensitive match) * encryption context to decrypt the data. An encryption context is optional when * encrypting with a symmetric CMK, but it is highly recommended.

For more * information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddEncryptionContext(const char* key, const char* value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, value); return *this; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline const Aws::Vector& GetGrantTokens() const{ return m_grantTokens; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline bool GrantTokensHasBeenSet() const { return m_grantTokensHasBeenSet; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline void SetGrantTokens(const Aws::Vector& value) { m_grantTokensHasBeenSet = true; m_grantTokens = value; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline void SetGrantTokens(Aws::Vector&& value) { m_grantTokensHasBeenSet = true; m_grantTokens = std::move(value); } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& WithGrantTokens(const Aws::Vector& value) { SetGrantTokens(value); return *this;} /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& WithGrantTokens(Aws::Vector&& value) { SetGrantTokens(std::move(value)); return *this;} /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddGrantTokens(const Aws::String& value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(value); return *this; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddGrantTokens(Aws::String&& value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(std::move(value)); return *this; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline EncryptRequest& AddGrantTokens(const char* value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(value); return *this; } /** *

Specifies the encryption algorithm that AWS KMS will use to encrypt the * plaintext message. The algorithm must be compatible with the CMK that you * specify.

This parameter is required only for asymmetric CMKs. The default * value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. * If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

*/ inline const EncryptionAlgorithmSpec& GetEncryptionAlgorithm() const{ return m_encryptionAlgorithm; } /** *

Specifies the encryption algorithm that AWS KMS will use to encrypt the * plaintext message. The algorithm must be compatible with the CMK that you * specify.

This parameter is required only for asymmetric CMKs. The default * value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. * If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

*/ inline bool EncryptionAlgorithmHasBeenSet() const { return m_encryptionAlgorithmHasBeenSet; } /** *

Specifies the encryption algorithm that AWS KMS will use to encrypt the * plaintext message. The algorithm must be compatible with the CMK that you * specify.

This parameter is required only for asymmetric CMKs. The default * value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. * If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

*/ inline void SetEncryptionAlgorithm(const EncryptionAlgorithmSpec& value) { m_encryptionAlgorithmHasBeenSet = true; m_encryptionAlgorithm = value; } /** *

Specifies the encryption algorithm that AWS KMS will use to encrypt the * plaintext message. The algorithm must be compatible with the CMK that you * specify.

This parameter is required only for asymmetric CMKs. The default * value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. * If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

*/ inline void SetEncryptionAlgorithm(EncryptionAlgorithmSpec&& value) { m_encryptionAlgorithmHasBeenSet = true; m_encryptionAlgorithm = std::move(value); } /** *

Specifies the encryption algorithm that AWS KMS will use to encrypt the * plaintext message. The algorithm must be compatible with the CMK that you * specify.

This parameter is required only for asymmetric CMKs. The default * value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. * If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

*/ inline EncryptRequest& WithEncryptionAlgorithm(const EncryptionAlgorithmSpec& value) { SetEncryptionAlgorithm(value); return *this;} /** *

Specifies the encryption algorithm that AWS KMS will use to encrypt the * plaintext message. The algorithm must be compatible with the CMK that you * specify.

This parameter is required only for asymmetric CMKs. The default * value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. * If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

*/ inline EncryptRequest& WithEncryptionAlgorithm(EncryptionAlgorithmSpec&& value) { SetEncryptionAlgorithm(std::move(value)); return *this;} private: Aws::String m_keyId; bool m_keyIdHasBeenSet; Aws::Utils::CryptoBuffer m_plaintext; bool m_plaintextHasBeenSet; Aws::Map m_encryptionContext; bool m_encryptionContextHasBeenSet; Aws::Vector m_grantTokens; bool m_grantTokensHasBeenSet; EncryptionAlgorithmSpec m_encryptionAlgorithm; bool m_encryptionAlgorithmHasBeenSet; }; } // namespace Model } // namespace KMS } // namespace Aws