/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include namespace Aws { namespace KMS { namespace Model { /** */ class AWS_KMS_API GenerateDataKeyPairWithoutPlaintextRequest : public KMSRequest { public: GenerateDataKeyPairWithoutPlaintextRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "GenerateDataKeyPairWithoutPlaintext"; } Aws::String SerializePayload() const override; Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

An encryption context is a * collection of non-secret key-value pairs that represents additional * authenticated data. When you use an encryption context to encrypt data, you must * specify the same (an exact case-sensitive match) encryption context to decrypt * the data. An encryption context is optional when encrypting with a symmetric * CMK, but it is highly recommended.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline const Aws::Map& GetEncryptionContext() const{ return m_encryptionContext; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline bool EncryptionContextHasBeenSet() const { return m_encryptionContextHasBeenSet; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline void SetEncryptionContext(const Aws::Map& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext = value; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline void SetEncryptionContext(Aws::Map&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext = std::move(value); } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithEncryptionContext(const Aws::Map& value) { SetEncryptionContext(value); return *this;} /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithEncryptionContext(Aws::Map&& value) { SetEncryptionContext(std::move(value)); return *this;} /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(const Aws::String& key, const Aws::String& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, value); return *this; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(Aws::String&& key, const Aws::String& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(const Aws::String& key, Aws::String&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(Aws::String&& key, Aws::String&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(std::move(key), std::move(value)); return *this; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(const char* key, Aws::String&& value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, std::move(value)); return *this; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(Aws::String&& key, const char* value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(std::move(key), value); return *this; } /** *

Specifies the encryption context that will be used when encrypting the * private key in the data key pair.

For more information, see Encryption * Context in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddEncryptionContext(const char* key, const char* value) { m_encryptionContextHasBeenSet = true; m_encryptionContext.emplace(key, value); return *this; } /** *

Specifies the CMK that encrypts the private key in the data key pair. You * must specify a symmetric CMK. You cannot use an asymmetric CMK or a CMK in a * custom key store. To get the type and origin of your CMK, use the * DescribeKey operation.

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline const Aws::String& GetKeyId() const{ return m_keyId; } /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline bool KeyIdHasBeenSet() const { return m_keyIdHasBeenSet; } /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetKeyId(const Aws::String& value) { m_keyIdHasBeenSet = true; m_keyId = value; } /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetKeyId(Aws::String&& value) { m_keyIdHasBeenSet = true; m_keyId = std::move(value); } /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline void SetKeyId(const char* value) { m_keyIdHasBeenSet = true; m_keyId.assign(value); } /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithKeyId(const Aws::String& value) { SetKeyId(value); return *this;} /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithKeyId(Aws::String&& value) { SetKeyId(std::move(value)); return *this;} /** *

To specify a CMK, use its key ID, Amazon * Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix * it with "alias/".

For example:

Key ID: * 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab *
Alias name: alias/ExampleAlias
*
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias *

To get the key ID and key ARN for a CMK, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithKeyId(const char* value) { SetKeyId(value); return *this;} /** *

Determines the type of data key pair that is generated.

The AWS KMS * rule that restricts the use of asymmetric RSA CMKs to encrypt and decrypt or to * sign and verify (but not both), and the rule that permits you to use ECC CMKs * only to sign and verify, are not effective outside of AWS KMS.

*/ inline const DataKeyPairSpec& GetKeyPairSpec() const{ return m_keyPairSpec; } /** *

Determines the type of data key pair that is generated.

*/ inline bool KeyPairSpecHasBeenSet() const { return m_keyPairSpecHasBeenSet; } /** *

Determines the type of data key pair that is generated.

*/ inline void SetKeyPairSpec(const DataKeyPairSpec& value) { m_keyPairSpecHasBeenSet = true; m_keyPairSpec = value; } /** *

Determines the type of data key pair that is generated.

*/ inline void SetKeyPairSpec(DataKeyPairSpec&& value) { m_keyPairSpecHasBeenSet = true; m_keyPairSpec = std::move(value); } /** *

Determines the type of data key pair that is generated.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithKeyPairSpec(const DataKeyPairSpec& value) { SetKeyPairSpec(value); return *this;} /** *

Determines the type of data key pair that is generated.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithKeyPairSpec(DataKeyPairSpec&& value) { SetKeyPairSpec(std::move(value)); return *this;} /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline const Aws::Vector& GetGrantTokens() const{ return m_grantTokens; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline bool GrantTokensHasBeenSet() const { return m_grantTokensHasBeenSet; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline void SetGrantTokens(const Aws::Vector& value) { m_grantTokensHasBeenSet = true; m_grantTokens = value; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline void SetGrantTokens(Aws::Vector&& value) { m_grantTokensHasBeenSet = true; m_grantTokens = std::move(value); } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithGrantTokens(const Aws::Vector& value) { SetGrantTokens(value); return *this;} /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& WithGrantTokens(Aws::Vector&& value) { SetGrantTokens(std::move(value)); return *this;} /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddGrantTokens(const Aws::String& value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(value); return *this; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddGrantTokens(Aws::String&& value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(std::move(value)); return *this; } /** *

A list of grant tokens.

For more information, see Grant * Tokens in the AWS Key Management Service Developer Guide.

*/ inline GenerateDataKeyPairWithoutPlaintextRequest& AddGrantTokens(const char* value) { m_grantTokensHasBeenSet = true; m_grantTokens.push_back(value); return *this; } private: Aws::Map m_encryptionContext; bool m_encryptionContextHasBeenSet; Aws::String m_keyId; bool m_keyIdHasBeenSet; DataKeyPairSpec m_keyPairSpec; bool m_keyPairSpecHasBeenSet; Aws::Vector m_grantTokens; bool m_grantTokensHasBeenSet; }; } // namespace Model } // namespace KMS } // namespace Aws