com.amazonaws.services.kms.model

Class ImportKeyMaterialRequest

java.lang.Object

com.amazonaws.AmazonWebServiceRequest

com.amazonaws.services.kms.model.ImportKeyMaterialRequest

All Implemented Interfaces:

Serializable, Cloneable

public class ImportKeyMaterialRequest
extends AmazonWebServiceRequest
implements Serializable

Imports key material into an AWS KMS customer master key (CMK) from your existing key management infrastructure. For more information about importing key material into AWS KMS, see Importing Key Material in the AWS Key Management Service Developer Guide.

You must specify the key ID of the CMK to import the key material into. This CMK's Origin must be EXTERNAL. You must also send an import token and the encrypted key material. Send the import token that you received in the same GetParametersForImport response that contained the public key that you used to encrypt the key material. You must also specify whether the key material expires and if so, when. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. To use the CMK again, you can reimport the same key material. If you set an expiration date, you can change it only by reimporting the same key material and specifying a new expiration date.

When this operation is successful, the specified CMK's key state changes to Enabled, and you can use the CMK.

After you successfully import key material into a CMK, you can reimport the same key material into that CMK, but you cannot import different key material.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
ImportKeyMaterialRequest()

Method Summary

Modifier and Type	Method and Description
boolean	equals(Object obj)
ByteBuffer	getEncryptedKeyMaterial() The encrypted key material to import.
String	getExpirationModel() Specifies whether the key material expires.
ByteBuffer	getImportToken() The import token that you received in the response to a previous GetParametersForImport request.
String	getKeyId() The identifier of the CMK to import the key material into.
Date	getValidTo() The time at which the imported key material expires.
int	hashCode()
void	setEncryptedKeyMaterial(ByteBuffer encryptedKeyMaterial) The encrypted key material to import.
void	setExpirationModel(ExpirationModelType expirationModel) Specifies whether the key material expires.
void	setExpirationModel(String expirationModel) Specifies whether the key material expires.
void	setImportToken(ByteBuffer importToken) The import token that you received in the response to a previous GetParametersForImport request.
void	setKeyId(String keyId) The identifier of the CMK to import the key material into.
void	setValidTo(Date validTo) The time at which the imported key material expires.
String	toString() Returns a string representation of this object; useful for testing and debugging.
ImportKeyMaterialRequest	withEncryptedKeyMaterial(ByteBuffer encryptedKeyMaterial) The encrypted key material to import.
ImportKeyMaterialRequest	withExpirationModel(ExpirationModelType expirationModel) Specifies whether the key material expires.
ImportKeyMaterialRequest	withExpirationModel(String expirationModel) Specifies whether the key material expires.
ImportKeyMaterialRequest	withImportToken(ByteBuffer importToken) The import token that you received in the response to a previous GetParametersForImport request.
ImportKeyMaterialRequest	withKeyId(String keyId) The identifier of the CMK to import the key material into.
ImportKeyMaterialRequest	withValidTo(Date validTo) The time at which the imported key material expires.

Methods inherited from class com.amazonaws.AmazonWebServiceRequest

clone, copyBaseTo, getCloneRoot, getCloneSource, getGeneralProgressListener, getRequestClientOptions, getRequestCredentials, getRequestMetricCollector, setGeneralProgressListener, setRequestCredentials, setRequestMetricCollector, withGeneralProgressListener, withRequestMetricCollector

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

ImportKeyMaterialRequest

public ImportKeyMaterialRequest()

Method Detail

getKeyId

public String getKeyId()

The identifier of the CMK to import the key material into. The CMK's Origin must be EXTERNAL.

A valid identifier is the unique key ID or the Amazon Resource Name (ARN) of the CMK. Examples:

• Unique key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Constraints:
Length: 1 - 256

Returns:

The identifier of the CMK to import the key material into. The CMK's Origin must be EXTERNAL.

A valid identifier is the unique key ID or the Amazon Resource Name (ARN) of the CMK. Examples:

• Unique key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

setKeyId

public void setKeyId(String keyId)

The identifier of the CMK to import the key material into. The CMK's Origin must be EXTERNAL.

A valid identifier is the unique key ID or the Amazon Resource Name (ARN) of the CMK. Examples:

• Unique key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Constraints:
Length: 1 - 256

Parameters:

keyId -

The identifier of the CMK to import the key material into. The CMK's Origin must be EXTERNAL.

A valid identifier is the unique key ID or the Amazon Resource Name (ARN) of the CMK. Examples:

• Unique key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

withKeyId

public ImportKeyMaterialRequest withKeyId(String keyId)

The identifier of the CMK to import the key material into. The CMK's Origin must be EXTERNAL.

A valid identifier is the unique key ID or the Amazon Resource Name (ARN) of the CMK. Examples:

• Unique key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 1 - 256

Parameters:

keyId -

The identifier of the CMK to import the key material into. The CMK's Origin must be EXTERNAL.

A valid identifier is the unique key ID or the Amazon Resource Name (ARN) of the CMK. Examples:

• Unique key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Returns:

A reference to this updated object so that method calls can be chained together.

getImportToken

public ByteBuffer getImportToken()

The import token that you received in the response to a previous GetParametersForImport request. It must be from the same response that contained the public key that you used to encrypt the key material.

Constraints:
Length: 1 - 6144

Returns:

The import token that you received in the response to a previous GetParametersForImport request. It must be from the same response that contained the public key that you used to encrypt the key material.

setImportToken

public void setImportToken(ByteBuffer importToken)

The import token that you received in the response to a previous GetParametersForImport request. It must be from the same response that contained the public key that you used to encrypt the key material.

Constraints:
Length: 1 - 6144

Parameters:

importToken -

The import token that you received in the response to a previous GetParametersForImport request. It must be from the same response that contained the public key that you used to encrypt the key material.

withImportToken

public ImportKeyMaterialRequest withImportToken(ByteBuffer importToken)

The import token that you received in the response to a previous GetParametersForImport request. It must be from the same response that contained the public key that you used to encrypt the key material.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 1 - 6144

Parameters:

importToken -

The import token that you received in the response to a previous GetParametersForImport request. It must be from the same response that contained the public key that you used to encrypt the key material.

Returns:

A reference to this updated object so that method calls can be chained together.

getEncryptedKeyMaterial

public ByteBuffer getEncryptedKeyMaterial()

The encrypted key material to import. It must be encrypted with the public key that you received in the response to a previous GetParametersForImport request, using the wrapping algorithm that you specified in that request.

Constraints:
Length: 1 - 6144

Returns:

The encrypted key material to import. It must be encrypted with the public key that you received in the response to a previous GetParametersForImport request, using the wrapping algorithm that you specified in that request.

setEncryptedKeyMaterial

public void setEncryptedKeyMaterial(ByteBuffer encryptedKeyMaterial)

The encrypted key material to import. It must be encrypted with the public key that you received in the response to a previous GetParametersForImport request, using the wrapping algorithm that you specified in that request.

Constraints:
Length: 1 - 6144

Parameters:

encryptedKeyMaterial -

The encrypted key material to import. It must be encrypted with the public key that you received in the response to a previous GetParametersForImport request, using the wrapping algorithm that you specified in that request.

withEncryptedKeyMaterial

public ImportKeyMaterialRequest withEncryptedKeyMaterial(ByteBuffer encryptedKeyMaterial)

The encrypted key material to import. It must be encrypted with the public key that you received in the response to a previous GetParametersForImport request, using the wrapping algorithm that you specified in that request.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 1 - 6144

Parameters:

encryptedKeyMaterial -

The encrypted key material to import. It must be encrypted with the public key that you received in the response to a previous GetParametersForImport request, using the wrapping algorithm that you specified in that request.

Returns:

A reference to this updated object so that method calls can be chained together.

getValidTo

public Date getValidTo()

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. You must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

Returns:

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. You must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

setValidTo

public void setValidTo(Date validTo)

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. You must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

Parameters:

validTo -

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. You must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

withValidTo

public ImportKeyMaterialRequest withValidTo(Date validTo)

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. You must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

Returns a reference to this object so that method calls can be chained together.

Parameters:

validTo -

The time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. You must omit this parameter when the ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

Returns:

A reference to this updated object so that method calls can be chained together.

getExpirationModel

public String getExpirationModel()

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Constraints:
Allowed Values: KEY_MATERIAL_EXPIRES, KEY_MATERIAL_DOES_NOT_EXPIRE

Returns:

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

See Also:

ExpirationModelType

setExpirationModel

public void setExpirationModel(String expirationModel)

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Constraints:
Allowed Values: KEY_MATERIAL_EXPIRES, KEY_MATERIAL_DOES_NOT_EXPIRE

Parameters:

expirationModel -

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

See Also:

ExpirationModelType

withExpirationModel

public ImportKeyMaterialRequest withExpirationModel(String expirationModel)

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Allowed Values: KEY_MATERIAL_EXPIRES, KEY_MATERIAL_DOES_NOT_EXPIRE

Parameters:

expirationModel -

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Returns:

A reference to this updated object so that method calls can be chained together.

See Also:

ExpirationModelType

setExpirationModel

public void setExpirationModel(ExpirationModelType expirationModel)

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Constraints:
Allowed Values: KEY_MATERIAL_EXPIRES, KEY_MATERIAL_DOES_NOT_EXPIRE

Parameters:

expirationModel -

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

See Also:

ExpirationModelType

withExpirationModel

public ImportKeyMaterialRequest withExpirationModel(ExpirationModelType expirationModel)

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Allowed Values: KEY_MATERIAL_EXPIRES, KEY_MATERIAL_DOES_NOT_EXPIRE

Parameters:

expirationModel -

Specifies whether the key material expires. The default is KEY_MATERIAL_EXPIRES, in which case you must include the ValidTo parameter. When this parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo parameter.

Returns:

A reference to this updated object so that method calls can be chained together.

See Also:

ExpirationModelType

toString

public String toString()

Returns a string representation of this object; useful for testing and debugging.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object