All Known Implementing Classes:

LocalWrapKmsClient
```
public interface KmsClient
```

Field Summary

Fields
Modifier and Type Field Description

static String KEY_ACCESS_TOKEN_DEFAULT

static String KMS_INSTANCE_ID_DEFAULT

static String KMS_INSTANCE_URL_DEFAULT

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`void`	`initialize(org.apache.hadoop.conf.Configuration configuration, String kmsInstanceID, String kmsInstanceURL, String accessToken)`	Pass configuration with KMS-specific parameters.
`byte[]`	`unwrapKey(String wrappedKey, String masterKeyIdentifier)`	Decrypts (unwraps) a key with the master key.
`String`	`wrapKey(byte[] keyBytes, String masterKeyIdentifier)`	Wraps a key - encrypts it with the master key, encodes the result and potentially adds a KMS-specific metadata.

- Field Detail
  - KMS_INSTANCE_ID_DEFAULT
```
static final String KMS_INSTANCE_ID_DEFAULT
```
    See Also:
    
    Constant Field Values
  - KMS_INSTANCE_URL_DEFAULT
```
static final String KMS_INSTANCE_URL_DEFAULT
```
    See Also:
    
    Constant Field Values
  - KEY_ACCESS_TOKEN_DEFAULT
```
static final String KEY_ACCESS_TOKEN_DEFAULT
```
    See Also:
    
    Constant Field Values
- Method Detail
  - initialize
```
void initialize(org.apache.hadoop.conf.Configuration configuration,
                String kmsInstanceID,
                String kmsInstanceURL,
                String accessToken)
         throws KeyAccessDeniedException
```
    Pass configuration with KMS-specific parameters.
    
    Parameters:
    
    configuration - Hadoop configuration
    
    kmsInstanceID - ID of the KMS instance handled by this KmsClient. Use the default value, for KMS systems that don't work with multiple instances.
    
    kmsInstanceURL - URL of the KMS instance handled by this KmsClient. Use the default value, for KMS systems that don't work with URLs.
    
    accessToken - KMS access (authorization) token. Use the default value, for KMS systems that don't work with tokens.
    
    Throws:
    
    KeyAccessDeniedException - unauthorized to initialize the KMS client
  - wrapKey
```
String wrapKey(byte[] keyBytes,
               String masterKeyIdentifier)
        throws KeyAccessDeniedException
```
    Wraps a key - encrypts it with the master key, encodes the result and potentially adds a KMS-specific metadata. If your KMS client code throws runtime exceptions related to access/permission problems (such as Hadoop AccessControlException), catch them and throw the KeyAccessDeniedException.
    
    Parameters:
    
    keyBytes - : key bytes to be wrapped
    
    masterKeyIdentifier - : a string that uniquely identifies the master key in a KMS instance
    
    Returns:
    
    wrapped key
    
    Throws:
    
    KeyAccessDeniedException - unauthorized to encrypt with the given master key
  - unwrapKey
```
byte[] unwrapKey(String wrappedKey,
                 String masterKeyIdentifier)
          throws KeyAccessDeniedException
```
    Decrypts (unwraps) a key with the master key. If your KMS client code throws runtime exceptions related to access/permission problems (such as Hadoop AccessControlException), catch them and throw the KeyAccessDeniedException.
    
    Parameters:
    
    wrappedKey - String produced by wrapKey operation
    
    masterKeyIdentifier - : a string that uniquely identifies the master key in a KMS instance
    
    Returns:
    
    unwrapped key bytes
    
    Throws:
    
    KeyAccessDeniedException - unauthorized to unwrap with the given master key

Modifier and Type	Field	Description
`static String`	`KEY_ACCESS_TOKEN_DEFAULT`
`static String`	`KMS_INSTANCE_ID_DEFAULT`
`static String`	`KMS_INSTANCE_URL_DEFAULT`

Interface KmsClient

Field Summary

Method Summary

Field Detail

KMS_INSTANCE_ID_DEFAULT

KMS_INSTANCE_URL_DEFAULT

KEY_ACCESS_TOKEN_DEFAULT

Method Detail

initialize

wrapKey

unwrapKey