Class: Aws::KMS::Types::GenerateDataKeyResponse
- Inherits:
-
Struct
- Object
- Struct
- Aws::KMS::Types::GenerateDataKeyResponse
- Defined in:
- gems/aws-sdk-kms/lib/aws-sdk-kms/types.rb
Overview
Constant Summary collapse
- SENSITIVE =
[:plaintext]
Instance Attribute Summary collapse
-
#ciphertext_blob ⇒ String
The encrypted copy of the data key.
-
#ciphertext_for_recipient ⇒ String
The plaintext data key encrypted with the public key from the Nitro enclave.
-
#key_id ⇒ String
The Amazon Resource Name ([key ARN][1]) of the KMS key that encrypted the data key.
-
#plaintext ⇒ String
The plaintext data key.
Instance Attribute Details
#ciphertext_blob ⇒ String
The encrypted copy of the data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
2951 2952 2953 2954 2955 2956 2957 2958 |
# File 'gems/aws-sdk-kms/lib/aws-sdk-kms/types.rb', line 2951 class GenerateDataKeyResponse < Struct.new( :ciphertext_blob, :plaintext, :key_id, :ciphertext_for_recipient) SENSITIVE = [:plaintext] include Aws::Structure end |
#ciphertext_for_recipient ⇒ String
The plaintext data key encrypted with the public key from the Nitro enclave. This ciphertext can be decrypted only by using a private key in the Nitro enclave.
This field is included in the response only when the Recipient
parameter in the request includes a valid attestation document from
an Amazon Web Services Nitro enclave. For information about the
interaction between KMS and Amazon Web Services Nitro Enclaves, see
How Amazon Web Services Nitro Enclaves uses KMS in the Key
Management Service Developer Guide.
2951 2952 2953 2954 2955 2956 2957 2958 |
# File 'gems/aws-sdk-kms/lib/aws-sdk-kms/types.rb', line 2951 class GenerateDataKeyResponse < Struct.new( :ciphertext_blob, :plaintext, :key_id, :ciphertext_for_recipient) SENSITIVE = [:plaintext] include Aws::Structure end |
#key_id ⇒ String
The Amazon Resource Name (key ARN) of the KMS key that encrypted the data key.
2951 2952 2953 2954 2955 2956 2957 2958 |
# File 'gems/aws-sdk-kms/lib/aws-sdk-kms/types.rb', line 2951 class GenerateDataKeyResponse < Struct.new( :ciphertext_blob, :plaintext, :key_id, :ciphertext_for_recipient) SENSITIVE = [:plaintext] include Aws::Structure end |
#plaintext ⇒ String
The plaintext data key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. Use this data key to encrypt your data outside of KMS. Then, remove it from memory as soon as possible.
If the response includes the CiphertextForRecipient
field, the
Plaintext
field is null or empty.
2951 2952 2953 2954 2955 2956 2957 2958 |
# File 'gems/aws-sdk-kms/lib/aws-sdk-kms/types.rb', line 2951 class GenerateDataKeyResponse < Struct.new( :ciphertext_blob, :plaintext, :key_id, :ciphertext_for_recipient) SENSITIVE = [:plaintext] include Aws::Structure end |