Class GrantConstraints
- All Implemented Interfaces:
Serializable
,Cloneable
A structure for specifying the conditions under which the operations permitted by the grant are allowed.
You can use this structure to allow the operations permitted by the grant only when a specified encryption context is present. For more information about encryption context, see Encryption Context in the AWS Key Management Service Developer Guide.
- See Also:
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaddEncryptionContextEqualsEntry
(String key, String value) addEncryptionContextSubsetEntry
(String key, String value) Removes all the entries added into EncryptionContextEquals.Removes all the entries added into EncryptionContextSubset.clone()
boolean
Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant.Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant.int
hashCode()
void
setEncryptionContextEquals
(Map<String, String> encryptionContextEquals) Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant.void
setEncryptionContextSubset
(Map<String, String> encryptionContextSubset) Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant.toString()
Returns a string representation of this object; useful for testing and debugging.withEncryptionContextEquals
(Map<String, String> encryptionContextEquals) Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant.withEncryptionContextSubset
(Map<String, String> encryptionContextSubset) Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant.
-
Constructor Details
-
GrantConstraints
public GrantConstraints()
-
-
Method Details
-
getEncryptionContextSubset
Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.
- Returns:
- Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.
-
setEncryptionContextSubset
Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.
- Parameters:
encryptionContextSubset
- Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.
-
withEncryptionContextSubset
Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.
- Parameters:
encryptionContextSubset
- Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
addEncryptionContextSubsetEntry
-
clearEncryptionContextSubsetEntries
Removes all the entries added into EncryptionContextSubset. <p> Returns a reference to this object so that method calls can be chained together. -
getEncryptionContextEquals
Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.
- Returns:
- Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.
-
setEncryptionContextEquals
Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.
- Parameters:
encryptionContextEquals
- Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.
-
withEncryptionContextEquals
Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.
- Parameters:
encryptionContextEquals
- Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
addEncryptionContextEqualsEntry
-
clearEncryptionContextEqualsEntries
Removes all the entries added into EncryptionContextEquals. <p> Returns a reference to this object so that method calls can be chained together. -
toString
Returns a string representation of this object; useful for testing and debugging. -
equals
-
hashCode
public int hashCode() -
clone
-