@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)", date="2023-05-19T23:09:24.335Z") @Stability(value=Stable) public class Alias extends Resource implements IAlias
Using an alias to refer to a key can help you simplify key management. For example, when rotating keys, you can just update the alias mapping instead of tracking and changing key IDs. For more information, see Working with Aliases in the AWS Key Management Service Developer Guide.
You can also add an alias for a key by calling key.addAlias(alias)
.
Example:
// Passing an encrypted replication bucket created in a different stack. App app = new App(); Stack replicationStack = Stack.Builder.create(app, "ReplicationStack") .env(Environment.builder() .region("us-west-1") .build()) .build(); Key key = new Key(replicationStack, "ReplicationKey"); Alias alias = Alias.Builder.create(replicationStack, "ReplicationAlias") // aliasName is required .aliasName(PhysicalName.GENERATE_IF_NEEDED) .targetKey(key) .build(); Bucket replicationBucket = Bucket.Builder.create(replicationStack, "ReplicationBucket") .bucketName(PhysicalName.GENERATE_IF_NEEDED) .encryptionKey(alias) .build();
Modifier and Type | Class and Description |
---|---|
static class |
Alias.Builder
A fluent builder for
Alias . |
software.amazon.jsii.JsiiObject.InitializationMode
IAlias.Jsii$Default, IAlias.Jsii$Proxy
Modifier | Constructor and Description |
---|---|
|
Alias(software.constructs.Construct scope,
String id,
AliasProps props) |
protected |
Alias(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
Alias(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
Alias |
addAlias(String alias)
Defines a new alias for the key.
|
AddToResourcePolicyResult |
addToResourcePolicy(PolicyStatement statement)
Adds a statement to the KMS key resource policy.
|
AddToResourcePolicyResult |
addToResourcePolicy(PolicyStatement statement,
Boolean allowNoOp)
Adds a statement to the KMS key resource policy.
|
static IAlias |
fromAliasAttributes(software.constructs.Construct scope,
String id,
AliasAttributes attrs)
Import an existing KMS Alias defined outside the CDK app.
|
static IAlias |
fromAliasName(software.constructs.Construct scope,
String id,
String aliasName)
Import an existing KMS Alias defined outside the CDK app, by the alias name.
|
protected String |
generatePhysicalName() |
String |
getAliasName()
The name of the alias.
|
IKey |
getAliasTargetKey()
The Key to which the Alias refers.
|
String |
getKeyArn()
The ARN of the key.
|
String |
getKeyId()
The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).
|
Grant |
grant(IGrantable grantee,
String... actions)
Grant the indicated permissions on this key to the given principal.
|
Grant |
grantDecrypt(IGrantable grantee)
Grant decryption permissions using this key to the given principal.
|
Grant |
grantEncrypt(IGrantable grantee)
Grant encryption permissions using this key to the given principal.
|
Grant |
grantEncryptDecrypt(IGrantable grantee)
Grant encryption and decryption permissions using this key to the given principal.
|
applyRemovalPolicy, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
applyRemovalPolicy, getEnv, getStack
getNode
protected Alias(software.amazon.jsii.JsiiObjectRef objRef)
protected Alias(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
@Stability(value=Stable) public Alias(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull AliasProps props)
scope
- This parameter is required.id
- This parameter is required.props
- This parameter is required.@Stability(value=Stable) @NotNull public static IAlias fromAliasAttributes(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull AliasAttributes attrs)
scope
- The parent creating construct (usually `this`). This parameter is required.id
- The construct's name. This parameter is required.attrs
- the properties of the referenced KMS Alias. This parameter is required.@Stability(value=Stable) @NotNull public static IAlias fromAliasName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String aliasName)
This method should be used instead of 'fromAliasAttributes' when the underlying KMS Key ARN is not available. This Alias will not have a direct reference to the KMS Key, so addAlias and grant* methods are not supported.
scope
- The parent creating construct (usually `this`). This parameter is required.id
- The construct's name. This parameter is required.aliasName
- The full name of the KMS Alias (e.g., 'alias/aws/s3', 'alias/myKeyAlias'). This parameter is required.@Stability(value=Stable) @NotNull public Alias addAlias(@NotNull String alias)
@Stability(value=Stable) @NotNull public AddToResourcePolicyResult addToResourcePolicy(@NotNull PolicyStatement statement, @Nullable Boolean allowNoOp)
addToResourcePolicy
in interface IKey
statement
- This parameter is required.allowNoOp
- @Stability(value=Stable) @NotNull public AddToResourcePolicyResult addToResourcePolicy(@NotNull PolicyStatement statement)
addToResourcePolicy
in interface IKey
statement
- This parameter is required.@Stability(value=Stable) @NotNull protected String generatePhysicalName()
generatePhysicalName
in class Resource
@Stability(value=Stable) @NotNull public Grant grant(@NotNull IGrantable grantee, @NotNull String... actions)
@Stability(value=Stable) @NotNull public Grant grantDecrypt(@NotNull IGrantable grantee)
grantDecrypt
in interface IKey
grantee
- This parameter is required.@Stability(value=Stable) @NotNull public Grant grantEncrypt(@NotNull IGrantable grantee)
grantEncrypt
in interface IKey
grantee
- This parameter is required.@Stability(value=Stable) @NotNull public Grant grantEncryptDecrypt(@NotNull IGrantable grantee)
grantEncryptDecrypt
in interface IKey
grantee
- This parameter is required.@Stability(value=Stable) @NotNull public String getAliasName()
getAliasName
in interface IAlias
@Stability(value=Stable) @NotNull public IKey getAliasTargetKey()
getAliasTargetKey
in interface IAlias
@Stability(value=Stable) @NotNull public String getKeyArn()
Copyright © 2023. All rights reserved.