Package software.amazon.awscdk.services.paymentcryptography

Class CfnKey

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.paymentcryptography.CfnKey
All Implemented Interfaces:
IInspectable, ITaggableV2, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.101.0 (build b95fe5d)", date="2024-07-11T03:45:57.893Z") @Stability(Stable) public class CfnKey extends CfnResource implements IInspectable, ITaggableV2
Creates an AWS Payment Cryptography key, a logical representation of a cryptographic key, that is unique in your account and AWS Region .

You use keys for cryptographic functions such as encryption and decryption.

In addition to the key material used in cryptographic operations, an AWS Payment Cryptography key includes metadata such as the key ARN, key usage, key origin, creation date, description, and key state.

When you create a key, you specify both immutable and mutable data about the key. The immutable data contains key attributes that define the scope and cryptographic operations that you can perform using the key, for example key class (example: SYMMETRIC_KEY ), key algorithm (example: TDES_2KEY ), key usage (example: TR31_P0_PIN_ENCRYPTION_KEY ) and key modes of use (example: Encrypt ). For information about valid combinations of key attributes, see Understanding key attributes in the AWS Payment Cryptography User Guide . The mutable data contained within a key includes usage timestamp and key deletion timestamp and can be modified after creation.

AWS Payment Cryptography binds key attributes to keys using key blocks when you store or export them. AWS Payment Cryptography stores the key contents wrapped and never stores or transmits them in the clear.

Cross-account use : This operation can't be used across different AWS accounts.

Related operations:

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.paymentcryptography.*;
 CfnKey cfnKey = CfnKey.Builder.create(this, "MyCfnKey")
         .exportable(false)
         .keyAttributes(KeyAttributesProperty.builder()
                 .keyAlgorithm("keyAlgorithm")
                 .keyClass("keyClass")
                 .keyModesOfUse(KeyModesOfUseProperty.builder()
                         .decrypt(false)
                         .deriveKey(false)
                         .encrypt(false)
                         .generate(false)
                         .noRestrictions(false)
                         .sign(false)
                         .unwrap(false)
                         .verify(false)
                         .wrap(false)
                         .build())
                 .keyUsage("keyUsage")
                 .build())
         // the properties below are optional
         .enabled(false)
         .keyCheckValueAlgorithm("keyCheckValueAlgorithm")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnKey

      protected CfnKey(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnKey

      protected CfnKey(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnKey

      @Stability(Stable) public CfnKey(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnKeyProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrKeyIdentifier

      @Stability(Stable) @NotNull public String getAttrKeyIdentifier()

    • getAttrKeyOrigin

      @Stability(Stable) @NotNull public String getAttrKeyOrigin()
      The source of the key material.

      For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .

    • getAttrKeyState

      @Stability(Stable) @NotNull public String getAttrKeyState()
      The state of key that is being created or deleted.

    • getCdkTagManager

      @Stability(Stable) @NotNull public TagManager getCdkTagManager()
      Tag Manager which manages the tags for this resource.
      Specified by:
      getCdkTagManager in interface ITaggableV2

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getExportable

      @Stability(Stable) @NotNull public Object getExportable()
      Specifies whether the key is exportable.

    • setExportable

      @Stability(Stable) public void setExportable(@NotNull Boolean value)
      Specifies whether the key is exportable.

    • setExportable

      @Stability(Stable) public void setExportable(@NotNull IResolvable value)
      Specifies whether the key is exportable.

    • getKeyAttributes

      @Stability(Stable) @NotNull public Object getKeyAttributes()
      The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.

    • setKeyAttributes

      @Stability(Stable) public void setKeyAttributes(@NotNull IResolvable value)
      The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.

    • setKeyAttributes

      @Stability(Stable) public void setKeyAttributes(@NotNull CfnKey.KeyAttributesProperty value)
      The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.

    • getEnabled

      @Stability(Stable) @Nullable public Object getEnabled()
      Specifies whether the key is enabled.

    • setEnabled

      @Stability(Stable) public void setEnabled(@Nullable Boolean value)
      Specifies whether the key is enabled.

    • setEnabled

      @Stability(Stable) public void setEnabled(@Nullable IResolvable value)
      Specifies whether the key is enabled.

    • getKeyCheckValueAlgorithm

      @Stability(Stable) @Nullable public String getKeyCheckValueAlgorithm()
      The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).

    • setKeyCheckValueAlgorithm

      @Stability(Stable) public void setKeyCheckValueAlgorithm(@Nullable String value)
      The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).

    • getTags

      @Stability(Stable) @Nullable public List<CfnTag> getTags()

    • setTags

      @Stability(Stable) public void setTags(@Nullable List<CfnTag> value)