AWSKMSGrantConstraints Class Reference

Inherits from AWSModel : AWSMTLModel
Declared in AWSKMSModel.h
AWSKMSModel.m

Overview

A structure for specifying the conditions under which the operations permitted by the grant are allowed.

You can use this structure to allow the operations permitted by the grant only when a specified encryption context is present. For more information about encryption context, see Encryption Context in the AWS Key Management Service Developer Guide.

  encryptionContextEquals

Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.

@property (nonatomic, strong) NSDictionary<NSString*NSString*> *encryptionContextEquals

Declared In

AWSKMSModel.h

  encryptionContextSubset

Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.

@property (nonatomic, strong) NSDictionary<NSString*NSString*> *encryptionContextSubset

Declared In

AWSKMSModel.h