software.amazon.awscdk.services.kms

Class KeyProps.Jsii$Proxy

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.kms.KeyProps.Jsii$Proxy

All Implemented Interfaces:

KeyProps, software.amazon.jsii.JsiiSerializable

Enclosing interface:

KeyProps

@Stability(value=Experimental)
 @Internal
public static final class KeyProps.Jsii$Proxy
extends software.amazon.jsii.JsiiObject
implements KeyProps

An implementation for KeyProps

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.kms.KeyProps

KeyProps.Builder, KeyProps.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef) Constructor that initializes the object based on values retrieved from the JsiiObject.
protected	Jsii$Proxy(List<? extends IPrincipal> admins, String alias, String description, Boolean enabled, Boolean enableKeyRotation, KeySpec keySpec, KeyUsage keyUsage, Duration pendingWindow, PolicyDocument policy, RemovalPolicy removalPolicy) Constructor that initializes the object based on literal property values passed by the KeyProps.Builder.

Method Summary

Modifier and Type	Method and Description
com.fasterxml.jackson.databind.JsonNode	$jsii$toJson()
boolean	equals(Object o)
List<IPrincipal>	getAdmins() (experimental) A list of principals to add as key administrators to the key policy.
String	getAlias() (experimental) Initial alias to add to the key.
String	getDescription() (experimental) A description of the key.
Boolean	getEnabled() (experimental) Indicates whether the key is available for use.
Boolean	getEnableKeyRotation() (experimental) Indicates whether AWS KMS rotates the key.
KeySpec	getKeySpec() (experimental) The cryptographic configuration of the key.
KeyUsage	getKeyUsage() (experimental) The cryptographic operations for which the key can be used.
Duration	getPendingWindow() (experimental) Specifies the number of days in the waiting period before AWS KMS deletes a CMK that has been removed from a CloudFormation stack.
PolicyDocument	getPolicy() (experimental) Custom policy document to attach to the KMS key.
RemovalPolicy	getRemovalPolicy() (experimental) Whether the encryption key should be retained when it is removed from the Stack.
int	hashCode()

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.services.kms.KeyProps

builder

Constructor Detail

Jsii$Proxy

protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

Constructor that initializes the object based on values retrieved from the JsiiObject.

Parameters:

objRef - Reference to the JSII managed object.

Jsii$Proxy

protected Jsii$Proxy(List<? extends IPrincipal> admins,
                     String alias,
                     String description,
                     Boolean enabled,
                     Boolean enableKeyRotation,
                     KeySpec keySpec,
                     KeyUsage keyUsage,
                     Duration pendingWindow,
                     PolicyDocument policy,
                     RemovalPolicy removalPolicy)

Constructor that initializes the object based on literal property values passed by the KeyProps.Builder.

Method Detail

getAdmins

public final List<IPrincipal> getAdmins()

Description copied from interface: KeyProps

(experimental) A list of principals to add as key administrators to the key policy.

Key administrators have permissions to manage the key (e.g., change permissions, revoke), but do not have permissions to use the key in cryptographic operations (e.g., encrypt, decrypt).

These principals will be added to the default key policy (if none specified), or to the specified policy (if provided).

Default: []

Specified by:

getAdmins in interface KeyProps

getAlias

public final String getAlias()

Description copied from interface: KeyProps

(experimental) Initial alias to add to the key.

More aliases can be added later by calling addAlias.

Default: - No alias is added for the key.

Specified by:

getAlias in interface KeyProps

getDescription

public final String getDescription()

Description copied from interface: KeyProps

(experimental) A description of the key.

Use a description that helps your users decide whether the key is appropriate for a particular task.

Default: - No description.

Specified by:

getDescription in interface KeyProps

getEnabled

public final Boolean getEnabled()

Description copied from interface: KeyProps

(experimental) Indicates whether the key is available for use.

Default: - Key is enabled.

Specified by:

getEnabled in interface KeyProps

getEnableKeyRotation

public final Boolean getEnableKeyRotation()

Description copied from interface: KeyProps

(experimental) Indicates whether AWS KMS rotates the key.

Default: false

Specified by:

getEnableKeyRotation in interface KeyProps

getKeySpec

public final KeySpec getKeySpec()

Description copied from interface: KeyProps

(experimental) The cryptographic configuration of the key. The valid value depends on usage of the key.

IMPORTANT: If you change this property of an existing key, the existing key is scheduled for deletion and a new key is created with the specified value.

Default: KeySpec.SYMMETRIC_DEFAULT

Specified by:

getKeySpec in interface KeyProps

getKeyUsage

public final KeyUsage getKeyUsage()

Description copied from interface: KeyProps

(experimental) The cryptographic operations for which the key can be used.

IMPORTANT: If you change this property of an existing key, the existing key is scheduled for deletion and a new key is created with the specified value.

Default: KeyUsage.ENCRYPT_DECRYPT

Specified by:

getKeyUsage in interface KeyProps

getPendingWindow

public final Duration getPendingWindow()

Description copied from interface: KeyProps

(experimental) Specifies the number of days in the waiting period before AWS KMS deletes a CMK that has been removed from a CloudFormation stack.

When you remove a customer master key (CMK) from a CloudFormation stack, AWS KMS schedules the CMK for deletion and starts the mandatory waiting period. The PendingWindowInDays property determines the length of waiting period. During the waiting period, the key state of CMK is Pending Deletion, which prevents the CMK from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the CMK.

Enter a value between 7 and 30 days.

Default: - 30 days

Specified by:

getPendingWindow in interface KeyProps

See Also:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-pendingwindowindays

getPolicy

public final PolicyDocument getPolicy()

Description copied from interface: KeyProps

(experimental) Custom policy document to attach to the KMS key.

NOTE - If the @aws-cdk/aws-kms:defaultKeyPolicies feature flag is set (the default for new projects), this policy will override the default key policy and become the only key policy for the key. If the feature flag is not set, this policy will be appended to the default key policy.

Default: - A policy document with permissions for the account root to administer the key will be created.

Specified by:

getPolicy in interface KeyProps

getRemovalPolicy

public final RemovalPolicy getRemovalPolicy()

Description copied from interface: KeyProps

(experimental) Whether the encryption key should be retained when it is removed from the Stack.

This is useful when one wants to retain access to data that was encrypted with a key that is being retired.

Default: RemovalPolicy.Retain

Specified by:

getRemovalPolicy in interface KeyProps

$jsii$toJson

@Internal
public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()

Specified by:

$jsii$toJson in interface software.amazon.jsii.JsiiSerializable

equals

public final boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public final int hashCode()

Overrides:

hashCode in class Object