Class: Aws::AccessAnalyzer::Types::KmsGrantConfiguration

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb

Overview

A proposed grant configuration for a KMS key. For more information, see CreateGrant.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#constraintsTypes::KmsGrantConstraints

Use this structure to propose allowing cryptographic operations in the grant only when the operation request includes the specified encryption context.



2195
2196
2197
2198
2199
2200
2201
2202
2203
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 2195

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#grantee_principalString

The principal that is given permission to perform the operations that the grant permits.

Returns:

  • (String)


2195
2196
2197
2198
2199
2200
2201
2202
2203
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 2195

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#issuing_accountString

The Amazon Web Services account under which the grant was issued. The account is used to propose KMS grants issued by accounts other than the owner of the key.

Returns:

  • (String)


2195
2196
2197
2198
2199
2200
2201
2202
2203
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 2195

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#operationsArray<String>

A list of operations that the grant permits.

Returns:

  • (Array<String>)


2195
2196
2197
2198
2199
2200
2201
2202
2203
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 2195

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#retiring_principalString

The principal that is given permission to retire the grant by using RetireGrant operation.

Returns:

  • (String)


2195
2196
2197
2198
2199
2200
2201
2202
2203
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 2195

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end