Class KeyProps.Builder
java.lang.Object
software.amazon.awscdk.services.kms.KeyProps.Builder
- All Implemented Interfaces:
software.amazon.jsii.Builder<KeyProps>
- Enclosing interface:
KeyProps
@Stability(Stable)
public static final class KeyProps.Builder
extends Object
implements software.amazon.jsii.Builder<KeyProps>
A builder for
KeyProps
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionadmins
(List<? extends IPrincipal> admins) Sets the value ofKeyProps.getAdmins()
Sets the value ofKeyProps.getAlias()
build()
Builds the configured instance.description
(String description) Sets the value ofKeyProps.getDescription()
Sets the value ofKeyProps.getEnabled()
enableKeyRotation
(Boolean enableKeyRotation) Sets the value ofKeyProps.getEnableKeyRotation()
Sets the value ofKeyProps.getKeySpec()
Sets the value ofKeyProps.getKeyUsage()
multiRegion
(Boolean multiRegion) Sets the value ofKeyProps.getMultiRegion()
pendingWindow
(Duration pendingWindow) Sets the value ofKeyProps.getPendingWindow()
policy
(PolicyDocument policy) Sets the value ofKeyProps.getPolicy()
removalPolicy
(RemovalPolicy removalPolicy) Sets the value ofKeyProps.getRemovalPolicy()
rotationPeriod
(Duration rotationPeriod) Sets the value ofKeyProps.getRotationPeriod()
-
Constructor Details
-
Builder
public Builder()
-
-
Method Details
-
admins
Sets the value ofKeyProps.getAdmins()
- Parameters:
admins
- A list of principals to add as key administrators to the key policy. Key administrators have permissions to manage the key (e.g., change permissions, revoke), but do not have permissions to use the key in cryptographic operations (e.g., encrypt, decrypt).These principals will be added to the default key policy (if none specified), or to the specified policy (if provided).
- Returns:
this
-
alias
Sets the value ofKeyProps.getAlias()
- Parameters:
alias
- Initial alias to add to the key. More aliases can be added later by callingaddAlias
.- Returns:
this
-
description
Sets the value ofKeyProps.getDescription()
- Parameters:
description
- A description of the key. Use a description that helps your users decide whether the key is appropriate for a particular task.- Returns:
this
-
enabled
Sets the value ofKeyProps.getEnabled()
- Parameters:
enabled
- Indicates whether the key is available for use.- Returns:
this
-
enableKeyRotation
Sets the value ofKeyProps.getEnableKeyRotation()
- Parameters:
enableKeyRotation
- Indicates whether AWS KMS rotates the key.- Returns:
this
-
keySpec
Sets the value ofKeyProps.getKeySpec()
- Parameters:
keySpec
- The cryptographic configuration of the key. The valid value depends on usage of the key. IMPORTANT: If you change this property of an existing key, the existing key is scheduled for deletion and a new key is created with the specified value.- Returns:
this
-
keyUsage
Sets the value ofKeyProps.getKeyUsage()
- Parameters:
keyUsage
- The cryptographic operations for which the key can be used. IMPORTANT: If you change this property of an existing key, the existing key is scheduled for deletion and a new key is created with the specified value.- Returns:
this
-
multiRegion
Sets the value ofKeyProps.getMultiRegion()
- Parameters:
multiRegion
- Creates a multi-Region primary key that you can replicate in other AWS Regions. You can't change themultiRegion
value after the KMS key is created.IMPORTANT: If you change the value of the
multiRegion
property on an existing KMS key, the update request fails, regardless of the value of the UpdateReplacePolicy attribute. This prevents you from accidentally deleting a KMS key by changing an immutable property value.- Returns:
this
-
pendingWindow
Sets the value ofKeyProps.getPendingWindow()
- Parameters:
pendingWindow
- Specifies the number of days in the waiting period before AWS KMS deletes a CMK that has been removed from a CloudFormation stack. When you remove a customer master key (CMK) from a CloudFormation stack, AWS KMS schedules the CMK for deletion and starts the mandatory waiting period. The PendingWindowInDays property determines the length of waiting period. During the waiting period, the key state of CMK is Pending Deletion, which prevents the CMK from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the CMK.Enter a value between 7 and 30 days.
- Returns:
this
-
policy
Sets the value ofKeyProps.getPolicy()
- Parameters:
policy
- Custom policy document to attach to the KMS key. NOTE - If the@aws-cdk/aws-kms:defaultKeyPolicies
feature flag is set (the default for new projects), this policy will override the default key policy and become the only key policy for the key. If the feature flag is not set, this policy will be appended to the default key policy.- Returns:
this
-
removalPolicy
Sets the value ofKeyProps.getRemovalPolicy()
- Parameters:
removalPolicy
- Whether the encryption key should be retained when it is removed from the Stack. This is useful when one wants to retain access to data that was encrypted with a key that is being retired.- Returns:
this
-
rotationPeriod
Sets the value ofKeyProps.getRotationPeriod()
- Parameters:
rotationPeriod
- The period between each automatic rotation.- Returns:
this
-
build
Builds the configured instance.- Specified by:
build
in interfacesoftware.amazon.jsii.Builder<KeyProps>
- Returns:
- a new instance of
KeyProps
- Throws:
NullPointerException
- if any required attribute was not provided
-