Class: Aws::AccessAnalyzer::Types::KmsGrantConfiguration

Inherits:

Struct

• Object
• Struct
• Aws::AccessAnalyzer::Types::KmsGrantConfiguration

Defined in:

gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb

Overview

A proposed grant configuration for a KMS key. For more information, see CreateGrant.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #constraints ⇒ Types::KmsGrantConstraints

  Use this structure to propose allowing [cryptographic operations][1] in the grant only when the operation request includes the specified [encryption context][2].

• #grantee_principal ⇒ String

  The principal that is given permission to perform the operations that the grant permits.

• #issuing_account ⇒ String

  The Amazon Web Services account under which the grant was issued.

• #operations ⇒ Array<String>

  A list of operations that the grant permits.

• #retiring_principal ⇒ String

  The principal that is given permission to retire the grant by using [RetireGrant][1] operation.

Instance Attribute Details

#constraints ⇒ Types::KmsGrantConstraints

Use this structure to propose allowing cryptographic operations in the grant only when the operation request includes the specified encryption context.

Returns:

• (Types::KmsGrantConstraints)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1754

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#grantee_principal ⇒ String

The principal that is given permission to perform the operations that the grant permits.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1754

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#issuing_account ⇒ String

The Amazon Web Services account under which the grant was issued. The account is used to propose KMS grants issued by accounts other than the owner of the key.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1754

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#operations ⇒ Array<String>

A list of operations that the grant permits.

Returns:

• (Array<String>)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1754

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end

#retiring_principal ⇒ String

The principal that is given permission to retire the grant by using RetireGrant operation.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1754

class KmsGrantConfiguration < Struct.new(
  :operations,
  :grantee_principal,
  :retiring_principal,
  :constraints,
  :issuing_account)
  SENSITIVE = []
  include Aws::Structure
end