Package com.amazonaws.encryptionsdk.kms

Class KmsMasterKeyProvider.Builder

java.lang.Object

com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider.Builder

All Implemented Interfaces:

Cloneable

Enclosing class:

KmsMasterKeyProvider

public static class KmsMasterKeyProvider.Builder
extends Object
implements Cloneable

Method Summary

Modifier and Type	Method	Description
KmsMasterKeyProvider	buildDiscovery()	Builds the master key provider in Discovery Mode.
KmsMasterKeyProvider	buildDiscovery(DiscoveryFilter filter)	Builds the master key provider in Discovery Mode with a DiscoveryFilter.
KmsMasterKeyProvider	buildStrict(String... keyIds)	Builds the master key provider in strict mode.
KmsMasterKeyProvider	buildStrict(List<String> keyIds)	Builds the master key provider in Strict Mode.
KmsMasterKeyProvider.Builder	clone()
protected void	snoopClientCache(ConcurrentHashMap<String,com.amazonaws.services.kms.AWSKMS> map)
KmsMasterKeyProvider.Builder	withClientBuilder(com.amazonaws.services.kms.AWSKMSClientBuilder builder)	Configures the KmsMasterKeyProvider to use settings from this AWSKMSClientBuilder to configure KMS clients.
KmsMasterKeyProvider.Builder	withCredentials(com.amazonaws.auth.AWSCredentials credentials)	Configures the KmsMasterKeyProvider to use specific credentials.
KmsMasterKeyProvider.Builder	withCredentials(com.amazonaws.auth.AWSCredentialsProvider credentialsProvider)	Configures the KmsMasterKeyProvider to use specific credentials.
KmsMasterKeyProvider.Builder	withCustomClientFactory(KmsMasterKeyProvider.RegionalClientSupplier regionalClientSupplier)	Provides a custom factory function that will vend KMS clients.
KmsMasterKeyProvider.Builder	withDefaultRegion(String defaultRegion)	Sets the default region.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

clone

public KmsMasterKeyProvider.Builder clone()

Overrides:

clone in class Object

withDefaultRegion

public KmsMasterKeyProvider.Builder withDefaultRegion(String defaultRegion)

Sets the default region. This region will be used when specifying key IDs for encryption or in MasterKeyProvider.getMasterKey(String) that are not full ARNs, but are instead bare key IDs or aliases. If the default region is not specified, only full key ARNs will be usable.

Parameters:

defaultRegion - The default region to use.

Returns:

withCustomClientFactory

public KmsMasterKeyProvider.Builder withCustomClientFactory(KmsMasterKeyProvider.RegionalClientSupplier regionalClientSupplier)

Provides a custom factory function that will vend KMS clients. This is provided for advanced use cases which require complete control over the client construction process. Because the regional client supplier fully controls the client construction process, it is not possible to configure the client through methods such as withCredentials(AWSCredentialsProvider) or withClientBuilder(AWSKMSClientBuilder); if you try to use these in combination, an IllegalStateException will be thrown.

Parameters:

regionalClientSupplier -

Returns:

withCredentials

public KmsMasterKeyProvider.Builder withCredentials(com.amazonaws.auth.AWSCredentialsProvider credentialsProvider)

Configures the KmsMasterKeyProvider to use specific credentials. If a builder was previously set, this will override whatever credentials it set.

Parameters:

credentialsProvider -

Returns:

withCredentials

public KmsMasterKeyProvider.Builder withCredentials(com.amazonaws.auth.AWSCredentials credentials)

Configures the KmsMasterKeyProvider to use specific credentials. If a builder was previously set, this will override whatever credentials it set.

Parameters:

credentials -

Returns:

withClientBuilder

public KmsMasterKeyProvider.Builder withClientBuilder(com.amazonaws.services.kms.AWSKMSClientBuilder builder)

Configures the KmsMasterKeyProvider to use settings from this AWSKMSClientBuilder to configure KMS clients. Note that the region set on this builder will be ignored, but all other settings will be propagated into the regional clients. This method will overwrite any credentials set using withCredentials(AWSCredentialsProvider).

Parameters:

builder -

Returns:

buildDiscovery

public KmsMasterKeyProvider buildDiscovery()

Builds the master key provider in Discovery Mode. In Discovery Mode the KMS Master Key Provider will attempt to decrypt using any key identifier it discovers in the encrypted message. KMS Master Key Providers in Discovery Mode will not encrypt data keys.

Returns:

buildDiscovery

public KmsMasterKeyProvider buildDiscovery(DiscoveryFilter filter)

Builds the master key provider in Discovery Mode with a DiscoveryFilter. In Discovery Mode the KMS Master Key Provider will attempt to decrypt using any key identifier it discovers in the encrypted message that is accepted by the filter. KMS Master Key Providers in Discovery Mode will not encrypt data keys.

Parameters:

filter -

Returns:

buildStrict

public KmsMasterKeyProvider buildStrict(List<String> keyIds)

Builds the master key provider in Strict Mode. KMS Master Key Providers in Strict Mode will only attempt to decrypt using the keys listed in keyIds. KMS Master Key Providers in Strict Mode will encrypt data keys using the keys listed in keyIds

Parameters:

keyIds -

Returns:

buildStrict

public KmsMasterKeyProvider buildStrict(String... keyIds)

Builds the master key provider in strict mode. KMS Master Key Providers in Strict Mode will only attempt to decrypt using the keys listed in keyIds. KMS Master Key Providers in Strict Mode will encrypt data keys using the keys listed in keyIds

Parameters:

keyIds -

Returns:

snoopClientCache

protected void snoopClientCache(ConcurrentHashMap<String,com.amazonaws.services.kms.AWSKMS> map)