aws_sdk_kms/operation/put_key_policy/builders.rs
1// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
2pub use crate::operation::put_key_policy::_put_key_policy_output::PutKeyPolicyOutputBuilder;
3
4pub use crate::operation::put_key_policy::_put_key_policy_input::PutKeyPolicyInputBuilder;
5
6impl crate::operation::put_key_policy::builders::PutKeyPolicyInputBuilder {
7 /// Sends a request with this input using the given client.
8 pub async fn send_with(
9 self,
10 client: &crate::Client,
11 ) -> ::std::result::Result<
12 crate::operation::put_key_policy::PutKeyPolicyOutput,
13 ::aws_smithy_runtime_api::client::result::SdkError<
14 crate::operation::put_key_policy::PutKeyPolicyError,
15 ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
16 >,
17 > {
18 let mut fluent_builder = client.put_key_policy();
19 fluent_builder.inner = self;
20 fluent_builder.send().await
21 }
22}
23/// Fluent builder constructing a request to `PutKeyPolicy`.
24///
25/// <p>Attaches a key policy to the specified KMS key.</p>
26/// <p>For more information about key policies, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html">Key Policies</a> in the <i>Key Management Service Developer Guide</i>. For help writing and formatting a JSON policy document, see the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html">IAM JSON Policy Reference</a> in the <i> <i>Identity and Access Management User Guide</i> </i>. For examples of adding a key policy in multiple programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-key-policies.html#put-policy">Setting a key policy</a> in the <i>Key Management Service Developer Guide</i>.</p>
27/// <p><b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
28/// <p><b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:PutKeyPolicy</a> (key policy)</p>
29/// <p><b>Related operations</b>: <code>GetKeyPolicy</code></p>
30/// <p><b>Eventual consistency</b>: The KMS API follows an eventual consistency model. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html">KMS eventual consistency</a>.</p>
31#[derive(::std::clone::Clone, ::std::fmt::Debug)]
32pub struct PutKeyPolicyFluentBuilder {
33 handle: ::std::sync::Arc<crate::client::Handle>,
34 inner: crate::operation::put_key_policy::builders::PutKeyPolicyInputBuilder,
35 config_override: ::std::option::Option<crate::config::Builder>,
36}
37impl
38 crate::client::customize::internal::CustomizableSend<
39 crate::operation::put_key_policy::PutKeyPolicyOutput,
40 crate::operation::put_key_policy::PutKeyPolicyError,
41 > for PutKeyPolicyFluentBuilder
42{
43 fn send(
44 self,
45 config_override: crate::config::Builder,
46 ) -> crate::client::customize::internal::BoxFuture<
47 crate::client::customize::internal::SendResult<
48 crate::operation::put_key_policy::PutKeyPolicyOutput,
49 crate::operation::put_key_policy::PutKeyPolicyError,
50 >,
51 > {
52 ::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
53 }
54}
55impl PutKeyPolicyFluentBuilder {
56 /// Creates a new `PutKeyPolicyFluentBuilder`.
57 pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
58 Self {
59 handle,
60 inner: ::std::default::Default::default(),
61 config_override: ::std::option::Option::None,
62 }
63 }
64 /// Access the PutKeyPolicy as a reference.
65 pub fn as_input(&self) -> &crate::operation::put_key_policy::builders::PutKeyPolicyInputBuilder {
66 &self.inner
67 }
68 /// Sends the request and returns the response.
69 ///
70 /// If an error occurs, an `SdkError` will be returned with additional details that
71 /// can be matched against.
72 ///
73 /// By default, any retryable failures will be retried twice. Retry behavior
74 /// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
75 /// set when configuring the client.
76 pub async fn send(
77 self,
78 ) -> ::std::result::Result<
79 crate::operation::put_key_policy::PutKeyPolicyOutput,
80 ::aws_smithy_runtime_api::client::result::SdkError<
81 crate::operation::put_key_policy::PutKeyPolicyError,
82 ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
83 >,
84 > {
85 let input = self
86 .inner
87 .build()
88 .map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
89 let runtime_plugins = crate::operation::put_key_policy::PutKeyPolicy::operation_runtime_plugins(
90 self.handle.runtime_plugins.clone(),
91 &self.handle.conf,
92 self.config_override,
93 );
94 crate::operation::put_key_policy::PutKeyPolicy::orchestrate(&runtime_plugins, input).await
95 }
96
97 /// Consumes this builder, creating a customizable operation that can be modified before being sent.
98 pub fn customize(
99 self,
100 ) -> crate::client::customize::CustomizableOperation<
101 crate::operation::put_key_policy::PutKeyPolicyOutput,
102 crate::operation::put_key_policy::PutKeyPolicyError,
103 Self,
104 > {
105 crate::client::customize::CustomizableOperation::new(self)
106 }
107 pub(crate) fn config_override(mut self, config_override: impl ::std::convert::Into<crate::config::Builder>) -> Self {
108 self.set_config_override(::std::option::Option::Some(config_override.into()));
109 self
110 }
111
112 pub(crate) fn set_config_override(&mut self, config_override: ::std::option::Option<crate::config::Builder>) -> &mut Self {
113 self.config_override = config_override;
114 self
115 }
116 /// <p>Sets the key policy on the specified KMS key.</p>
117 /// <p>Specify the key ID or key ARN of the KMS key.</p>
118 /// <p>For example:</p>
119 /// <ul>
120 /// <li>
121 /// <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code></p></li>
122 /// <li>
123 /// <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code></p></li>
124 /// </ul>
125 /// <p>To get the key ID and key ARN for a KMS key, use <code>ListKeys</code> or <code>DescribeKey</code>.</p>
126 pub fn key_id(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
127 self.inner = self.inner.key_id(input.into());
128 self
129 }
130 /// <p>Sets the key policy on the specified KMS key.</p>
131 /// <p>Specify the key ID or key ARN of the KMS key.</p>
132 /// <p>For example:</p>
133 /// <ul>
134 /// <li>
135 /// <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code></p></li>
136 /// <li>
137 /// <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code></p></li>
138 /// </ul>
139 /// <p>To get the key ID and key ARN for a KMS key, use <code>ListKeys</code> or <code>DescribeKey</code>.</p>
140 pub fn set_key_id(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
141 self.inner = self.inner.set_key_id(input);
142 self
143 }
144 /// <p>Sets the key policy on the specified KMS key.</p>
145 /// <p>Specify the key ID or key ARN of the KMS key.</p>
146 /// <p>For example:</p>
147 /// <ul>
148 /// <li>
149 /// <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code></p></li>
150 /// <li>
151 /// <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code></p></li>
152 /// </ul>
153 /// <p>To get the key ID and key ARN for a KMS key, use <code>ListKeys</code> or <code>DescribeKey</code>.</p>
154 pub fn get_key_id(&self) -> &::std::option::Option<::std::string::String> {
155 self.inner.get_key_id()
156 }
157 /// <p>The name of the key policy. If no policy name is specified, the default value is <code>default</code>. The only valid value is <code>default</code>.</p>
158 pub fn policy_name(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
159 self.inner = self.inner.policy_name(input.into());
160 self
161 }
162 /// <p>The name of the key policy. If no policy name is specified, the default value is <code>default</code>. The only valid value is <code>default</code>.</p>
163 pub fn set_policy_name(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
164 self.inner = self.inner.set_policy_name(input);
165 self
166 }
167 /// <p>The name of the key policy. If no policy name is specified, the default value is <code>default</code>. The only valid value is <code>default</code>.</p>
168 pub fn get_policy_name(&self) -> &::std::option::Option<::std::string::String> {
169 self.inner.get_policy_name()
170 }
171 /// <p>The key policy to attach to the KMS key.</p>
172 /// <p>The key policy must meet the following criteria:</p>
173 /// <ul>
174 /// <li>
175 /// <p>The key policy must allow the calling principal to make a subsequent <code>PutKeyPolicy</code> request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key">Default key policy</a> in the <i>Key Management Service Developer Guide</i>. (To omit this condition, set <code>BypassPolicyLockoutSafetyCheck</code> to true.)</p></li>
176 /// <li>
177 /// <p>Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency">Changes that I make are not always immediately visible</a> in the <i>Amazon Web Services Identity and Access Management User Guide</i>.</p></li>
178 /// </ul>
179 /// <p>A key policy document can include only the following characters:</p>
180 /// <ul>
181 /// <li>
182 /// <p>Printable ASCII characters from the space character (<code>\u0020</code>) through the end of the ASCII character range.</p></li>
183 /// <li>
184 /// <p>Printable characters in the Basic Latin and Latin-1 Supplement character set (through <code>\u00FF</code>).</p></li>
185 /// <li>
186 /// <p>The tab (<code>\u0009</code>), line feed (<code>\u000A</code>), and carriage return (<code>\u000D</code>) special characters</p></li>
187 /// </ul>
188 /// <p>For information about key policies, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html">Key policies in KMS</a> in the <i>Key Management Service Developer Guide</i>.For help writing and formatting a JSON policy document, see the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html">IAM JSON Policy Reference</a> in the <i> <i>Identity and Access Management User Guide</i> </i>.</p>
189 pub fn policy(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
190 self.inner = self.inner.policy(input.into());
191 self
192 }
193 /// <p>The key policy to attach to the KMS key.</p>
194 /// <p>The key policy must meet the following criteria:</p>
195 /// <ul>
196 /// <li>
197 /// <p>The key policy must allow the calling principal to make a subsequent <code>PutKeyPolicy</code> request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key">Default key policy</a> in the <i>Key Management Service Developer Guide</i>. (To omit this condition, set <code>BypassPolicyLockoutSafetyCheck</code> to true.)</p></li>
198 /// <li>
199 /// <p>Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency">Changes that I make are not always immediately visible</a> in the <i>Amazon Web Services Identity and Access Management User Guide</i>.</p></li>
200 /// </ul>
201 /// <p>A key policy document can include only the following characters:</p>
202 /// <ul>
203 /// <li>
204 /// <p>Printable ASCII characters from the space character (<code>\u0020</code>) through the end of the ASCII character range.</p></li>
205 /// <li>
206 /// <p>Printable characters in the Basic Latin and Latin-1 Supplement character set (through <code>\u00FF</code>).</p></li>
207 /// <li>
208 /// <p>The tab (<code>\u0009</code>), line feed (<code>\u000A</code>), and carriage return (<code>\u000D</code>) special characters</p></li>
209 /// </ul>
210 /// <p>For information about key policies, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html">Key policies in KMS</a> in the <i>Key Management Service Developer Guide</i>.For help writing and formatting a JSON policy document, see the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html">IAM JSON Policy Reference</a> in the <i> <i>Identity and Access Management User Guide</i> </i>.</p>
211 pub fn set_policy(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
212 self.inner = self.inner.set_policy(input);
213 self
214 }
215 /// <p>The key policy to attach to the KMS key.</p>
216 /// <p>The key policy must meet the following criteria:</p>
217 /// <ul>
218 /// <li>
219 /// <p>The key policy must allow the calling principal to make a subsequent <code>PutKeyPolicy</code> request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key">Default key policy</a> in the <i>Key Management Service Developer Guide</i>. (To omit this condition, set <code>BypassPolicyLockoutSafetyCheck</code> to true.)</p></li>
220 /// <li>
221 /// <p>Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal, you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency">Changes that I make are not always immediately visible</a> in the <i>Amazon Web Services Identity and Access Management User Guide</i>.</p></li>
222 /// </ul>
223 /// <p>A key policy document can include only the following characters:</p>
224 /// <ul>
225 /// <li>
226 /// <p>Printable ASCII characters from the space character (<code>\u0020</code>) through the end of the ASCII character range.</p></li>
227 /// <li>
228 /// <p>Printable characters in the Basic Latin and Latin-1 Supplement character set (through <code>\u00FF</code>).</p></li>
229 /// <li>
230 /// <p>The tab (<code>\u0009</code>), line feed (<code>\u000A</code>), and carriage return (<code>\u000D</code>) special characters</p></li>
231 /// </ul>
232 /// <p>For information about key policies, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html">Key policies in KMS</a> in the <i>Key Management Service Developer Guide</i>.For help writing and formatting a JSON policy document, see the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html">IAM JSON Policy Reference</a> in the <i> <i>Identity and Access Management User Guide</i> </i>.</p>
233 pub fn get_policy(&self) -> &::std::option::Option<::std::string::String> {
234 self.inner.get_policy()
235 }
236 /// <p>Skips ("bypasses") the key policy lockout safety check. The default value is false.</p><important>
237 /// <p>Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.</p>
238 /// <p>For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key">Default key policy</a> in the <i>Key Management Service Developer Guide</i>.</p>
239 /// </important>
240 /// <p>Use this parameter only when you intend to prevent the principal that is making the request from making a subsequent <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html">PutKeyPolicy</a> request on the KMS key.</p>
241 pub fn bypass_policy_lockout_safety_check(mut self, input: bool) -> Self {
242 self.inner = self.inner.bypass_policy_lockout_safety_check(input);
243 self
244 }
245 /// <p>Skips ("bypasses") the key policy lockout safety check. The default value is false.</p><important>
246 /// <p>Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.</p>
247 /// <p>For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key">Default key policy</a> in the <i>Key Management Service Developer Guide</i>.</p>
248 /// </important>
249 /// <p>Use this parameter only when you intend to prevent the principal that is making the request from making a subsequent <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html">PutKeyPolicy</a> request on the KMS key.</p>
250 pub fn set_bypass_policy_lockout_safety_check(mut self, input: ::std::option::Option<bool>) -> Self {
251 self.inner = self.inner.set_bypass_policy_lockout_safety_check(input);
252 self
253 }
254 /// <p>Skips ("bypasses") the key policy lockout safety check. The default value is false.</p><important>
255 /// <p>Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.</p>
256 /// <p>For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key">Default key policy</a> in the <i>Key Management Service Developer Guide</i>.</p>
257 /// </important>
258 /// <p>Use this parameter only when you intend to prevent the principal that is making the request from making a subsequent <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html">PutKeyPolicy</a> request on the KMS key.</p>
259 pub fn get_bypass_policy_lockout_safety_check(&self) -> &::std::option::Option<bool> {
260 self.inner.get_bypass_policy_lockout_safety_check()
261 }
262}