public static interface GenerateDataKeyResponse.Builder extends KmsResponse.Builder, SdkPojo, CopyableBuilder<GenerateDataKeyResponse.Builder,GenerateDataKeyResponse>
| Modifier and Type | Method and Description |
|---|---|
GenerateDataKeyResponse.Builder |
ciphertextBlob(SdkBytes ciphertextBlob)
The encrypted copy of the data key.
|
GenerateDataKeyResponse.Builder |
ciphertextForRecipient(SdkBytes ciphertextForRecipient)
The plaintext data key encrypted with the public key from the Nitro enclave.
|
GenerateDataKeyResponse.Builder |
keyId(String keyId)
The Amazon Resource Name (key ARN) of the
KMS key that encrypted the data key.
|
GenerateDataKeyResponse.Builder |
plaintext(SdkBytes plaintext)
The plaintext data key.
|
build, responseMetadata, responseMetadatasdkHttpResponse, sdkHttpResponseequalsBySdkFields, sdkFieldscopyapplyMutation, buildGenerateDataKeyResponse.Builder ciphertextBlob(SdkBytes ciphertextBlob)
The encrypted copy of the data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
ciphertextBlob - The encrypted copy of the data key. When you use the HTTP API or the Amazon Web Services CLI, the
value is Base64-encoded. Otherwise, it is not Base64-encoded.GenerateDataKeyResponse.Builder plaintext(SdkBytes plaintext)
The plaintext data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. Use this data key to encrypt your data outside of KMS. Then, remove it from memory as soon as possible.
If the response includes the CiphertextForRecipient field, the Plaintext field is
null or empty.
plaintext - The plaintext data key. When you use the HTTP API or the Amazon Web Services CLI, the value is
Base64-encoded. Otherwise, it is not Base64-encoded. Use this data key to encrypt your data outside of
KMS. Then, remove it from memory as soon as possible.
If the response includes the CiphertextForRecipient field, the Plaintext
field is null or empty.
GenerateDataKeyResponse.Builder keyId(String keyId)
The Amazon Resource Name (key ARN) of the KMS key that encrypted the data key.
keyId - The Amazon Resource Name (key ARN)
of the KMS key that encrypted the data key.GenerateDataKeyResponse.Builder ciphertextForRecipient(SdkBytes ciphertextForRecipient)
The plaintext data key encrypted with the public key from the Nitro enclave. This ciphertext can be decrypted only by using a private key in the Nitro enclave.
This field is included in the response only when the Recipient parameter in the request includes
a valid attestation document from an Amazon Web Services Nitro enclave. For information about the interaction
between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web
Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide.
ciphertextForRecipient - The plaintext data key encrypted with the public key from the Nitro enclave. This ciphertext can be
decrypted only by using a private key in the Nitro enclave.
This field is included in the response only when the Recipient parameter in the request
includes a valid attestation document from an Amazon Web Services Nitro enclave. For information about
the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon
Web Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide.
Copyright © 2023. All rights reserved.