Package software.amazon.awssdk.services.kms.model

Interface GenerateDataKeyResponse.Builder

    • Method Detail

      • ciphertextBlob

        GenerateDataKeyResponse.Builder ciphertextBlob​(SdkBytes ciphertextBlob)

        The encrypted copy of the data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

        Parameters:
        ciphertextBlob - The encrypted copy of the data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
        Returns:
        Returns a reference to this object so that method calls can be chained together.

      • plaintext

        GenerateDataKeyResponse.Builder plaintext​(SdkBytes plaintext)

        The plaintext data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. Use this data key to encrypt your data outside of KMS. Then, remove it from memory as soon as possible.

        If the response includes the CiphertextForRecipient field, the Plaintext field is null or empty.

        Parameters:
        plaintext - The plaintext data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. Use this data key to encrypt your data outside of KMS. Then, remove it from memory as soon as possible.

        If the response includes the CiphertextForRecipient field, the Plaintext field is null or empty.

        Returns:
        Returns a reference to this object so that method calls can be chained together.

      • keyId

        GenerateDataKeyResponse.Builder keyId​(String keyId)

        The Amazon Resource Name (key ARN) of the KMS key that encrypted the data key.

        Parameters:
        keyId - The Amazon Resource Name (key ARN) of the KMS key that encrypted the data key.
        Returns:
        Returns a reference to this object so that method calls can be chained together.

      • ciphertextForRecipient

        GenerateDataKeyResponse.Builder ciphertextForRecipient​(SdkBytes ciphertextForRecipient)

        The plaintext data key encrypted with the public key from the Nitro enclave. This ciphertext can be decrypted only by using a private key in the Nitro enclave.

        This field is included in the response only when the Recipient parameter in the request includes a valid attestation document from an Amazon Web Services Nitro enclave. For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide.

        Parameters:
        ciphertextForRecipient - The plaintext data key encrypted with the public key from the Nitro enclave. This ciphertext can be decrypted only by using a private key in the Nitro enclave.

        This field is included in the response only when the Recipient parameter in the request includes a valid attestation document from an Amazon Web Services Nitro enclave. For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide.

        Returns:
        Returns a reference to this object so that method calls can be chained together.