Cloneable, ReadLimitInfo, ToCopyableBuilder<PutKeyPolicyRequest.Builder,PutKeyPolicyRequest>@Generated("software.amazon.awssdk:codegen") public class PutKeyPolicyRequest extends AmazonWebServiceRequest implements ToCopyableBuilder<PutKeyPolicyRequest.Builder,PutKeyPolicyRequest>
| Modifier and Type | Class | Description |
|---|---|---|
static interface |
PutKeyPolicyRequest.Builder |
NOOP| Modifier and Type | Method | Description |
|---|---|---|
static PutKeyPolicyRequest.Builder |
builder() |
|
Boolean |
bypassPolicyLockoutSafetyCheck() |
A flag to indicate whether to bypass the key policy lockout safety check.
|
boolean |
equals(Object obj) |
|
int |
hashCode() |
|
String |
keyId() |
A unique identifier for the CMK.
|
String |
policy() |
The key policy to attach to the CMK.
|
String |
policyName() |
The name of the key policy.
|
static Class<? extends PutKeyPolicyRequest.Builder> |
serializableBuilderClass() |
|
PutKeyPolicyRequest.Builder |
toBuilder() |
Take this object and create a builder that contains all of the current property values of this object.
|
String |
toString() |
clone, getCloneRoot, getCloneSource, getCustomQueryParameters, getCustomRequestHeaders, getGeneralProgressListener, getReadLimit, getRequestClientOptions, getRequestCredentialsProvider, getRequestMetricCollector, getSdkClientExecutionTimeout, putCustomQueryParameter, putCustomRequestHeader, setGeneralProgressListener, setRequestCredentials, setRequestCredentialsProvider, setRequestMetricCollector, setSdkClientExecutionTimeout, withGeneralProgressListener, withRequestMetricCollector, withSdkClientExecutionTimeoutpublic String keyId()
A unique identifier for the CMK.
Use the CMK's unique identifier or its Amazon Resource Name (ARN). For example:
Unique ID: 1234abcd-12ab-34cd-56ef-1234567890ab
ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
Use the CMK's unique identifier or its Amazon Resource Name (ARN). For example:
Unique ID: 1234abcd-12ab-34cd-56ef-1234567890ab
ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
public String policyName()
The name of the key policy.
This value must be default.
This value must be default.
public String policy()
The key policy to attach to the CMK.
If you do not set BypassPolicyLockoutSafetyCheck to true, the policy must meet the following
criteria:
It must allow the principal that is making the PutKeyPolicy request to make a subsequent
PutKeyPolicy request on the CMK. This reduces the likelihood that the CMK becomes unmanageable. For
more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
The principals that are specified in the key policy must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before specifying the new principal in a key policy because the new principal might not immediately be visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the IAM User Guide.
The policy size limit is 32 KiB (32768 bytes).
If you do not set BypassPolicyLockoutSafetyCheck to true, the policy must meet the following
criteria:
It must allow the principal that is making the PutKeyPolicy request to make a subsequent
PutKeyPolicy request on the CMK. This reduces the likelihood that the CMK becomes
unmanageable. For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
The principals that are specified in the key policy must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before specifying the new principal in a key policy because the new principal might not immediately be visible to AWS KMS. For more information, see Changes that I make are not always immediately visible in the IAM User Guide.
The policy size limit is 32 KiB (32768 bytes).
public Boolean bypassPolicyLockoutSafetyCheck()
A flag to indicate whether to bypass the key policy lockout safety check.
Setting this value to true increases the likelihood that the CMK becomes unmanageable. Do not set this value to true indiscriminately.
For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
Use this parameter only when you intend to prevent the principal that is making the request from making a
subsequent PutKeyPolicy request on the CMK.
The default value is false.
Setting this value to true increases the likelihood that the CMK becomes unmanageable. Do not set this value to true indiscriminately.
For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
Use this parameter only when you intend to prevent the principal that is making the request from making a
subsequent PutKeyPolicy request on the CMK.
The default value is false.
public PutKeyPolicyRequest.Builder toBuilder()
ToCopyableBuildertoBuilder in interface ToCopyableBuilder<PutKeyPolicyRequest.Builder,PutKeyPolicyRequest>public static PutKeyPolicyRequest.Builder builder()
public static Class<? extends PutKeyPolicyRequest.Builder> serializableBuilderClass()
Copyright © 2017 Amazon Web Services, Inc. All Rights Reserved.