Interface GrantConstraints.Builder

All Superinterfaces:
Buildable, CopyableBuilder<GrantConstraints.Builder,GrantConstraints>, SdkBuilder<GrantConstraints.Builder,GrantConstraints>, SdkPojo
Enclosing class:
GrantConstraints
@Mutable @NotThreadSafe public static interface GrantConstraints.Builder extends SdkPojo, CopyableBuilder<GrantConstraints.Builder,GrantConstraints>

  • Method Details

    • encryptionContextSubset

      GrantConstraints.Builder encryptionContextSubset(Map<String,String> encryptionContextSubset)

      A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.

      Parameters:
      encryptionContextSubset - A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • encryptionContextEquals

      GrantConstraints.Builder encryptionContextEquals(Map<String,String> encryptionContextEquals)

      A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.

      Parameters:
      encryptionContextEquals - A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • sourceArn

      GrantConstraints.Builder sourceArn(String sourceArn)

      The Amazon Resource Name (ARN) of an Amazon Web Services resource on behalf of which the request is made. This is effectively the same as having the aws:SourceArn global condition key in the grant. The SourceArn constraint ensures that the principal can use the KMS key only when the request is made on behalf of the specified resource.

      Parameters:
      sourceArn - The Amazon Resource Name (ARN) of an Amazon Web Services resource on behalf of which the request is made. This is effectively the same as having the aws:SourceArn global condition key in the grant. The SourceArn constraint ensures that the principal can use the KMS key only when the request is made on behalf of the specified resource.
      Returns:
      Returns a reference to this object so that method calls can be chained together.