Class: AWSCDK::PaymentCryptography::CfnKeyProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
payment_cryptography/cfn_key_props.rb

Overview

Properties for defining a CfnKey.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(exportable:, key_attributes:, derive_key_usage: nil, enabled: nil, key_check_value_algorithm: nil, policy: nil, replication_regions: nil, tags: nil) ⇒ CfnKeyProps

Returns a new instance of CfnKeyProps.

Parameters:

  • exportable (Boolean, AWSCDK::IResolvable)

    Specifies whether the key is exportable.

  • key_attributes (AWSCDK::IResolvable, AWSCDK::PaymentCryptography::CfnKey::KeyAttributesProperty)

    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.

  • derive_key_usage (String, nil) (defaults to: nil)

    The cryptographic usage of an ECDH derived key as defined in section A.5.2 of the TR-31 spec.

  • enabled (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Specifies whether the key is enabled.

  • key_check_value_algorithm (String, nil) (defaults to: nil)

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).

  • policy (String, nil) (defaults to: nil)

    The resource-based policy attached to the key, in JSON format.

  • replication_regions (Array<String>, nil) (defaults to: nil)

    The list of AWS Regions to remove from the key's replication configuration.

  • tags (Array<AWSCDK::CfnTag>, nil) (defaults to: nil)


17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'payment_cryptography/cfn_key_props.rb', line 17

def initialize(exportable:, key_attributes:, derive_key_usage: nil, enabled: nil, key_check_value_algorithm: nil, policy: nil, replication_regions: nil, tags: nil)
  @exportable = exportable
  Jsii::Type.check_type(@exportable, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "exportable")
  @key_attributes = key_attributes.is_a?(Hash) ? ::AWSCDK::PaymentCryptography::CfnKey::KeyAttributesProperty.new(**key_attributes.transform_keys(&:to_sym)) : key_attributes
  Jsii::Type.check_type(@key_attributes, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19wYXltZW50Y3J5cHRvZ3JhcGh5LkNmbktleS5LZXlBdHRyaWJ1dGVzUHJvcGVydHkifV19fQ==")), "keyAttributes")
  @derive_key_usage = derive_key_usage
  Jsii::Type.check_type(@derive_key_usage, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "deriveKeyUsage") unless @derive_key_usage.nil?
  @enabled = enabled
  Jsii::Type.check_type(@enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "enabled") unless @enabled.nil?
  @key_check_value_algorithm = key_check_value_algorithm
  Jsii::Type.check_type(@key_check_value_algorithm, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "keyCheckValueAlgorithm") unless @key_check_value_algorithm.nil?
  @policy = policy
  Jsii::Type.check_type(@policy, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "policy") unless @policy.nil?
  @replication_regions = replication_regions
  Jsii::Type.check_type(@replication_regions, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "replicationRegions") unless @replication_regions.nil?
  @tags = tags.is_a?(Array) ? tags.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::CfnTag.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : tags
  Jsii::Type.check_type(@tags, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLkNmblRhZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "tags") unless @tags.nil?
end

Instance Attribute Details

#derive_key_usageString? (readonly)

The cryptographic usage of an ECDH derived key as defined in section A.5.2 of the TR-31 spec.



54
55
56
# File 'payment_cryptography/cfn_key_props.rb', line 54

def derive_key_usage
  @derive_key_usage
end

#enabledBoolean, ... (readonly)

Specifies whether the key is enabled.



59
60
61
# File 'payment_cryptography/cfn_key_props.rb', line 59

def enabled
  @enabled
end

#exportableBoolean, AWSCDK::IResolvable (readonly)

Specifies whether the key is exportable.

This data is immutable after the key is created.



42
43
44
# File 'payment_cryptography/cfn_key_props.rb', line 42

def exportable
  @exportable
end

#key_attributesAWSCDK::IResolvable, AWSCDK::PaymentCryptography::CfnKey::KeyAttributesProperty (readonly)

The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.

This data is immutable after the key is created.



49
50
51
# File 'payment_cryptography/cfn_key_props.rb', line 49

def key_attributes
  @key_attributes
end

#key_check_value_algorithmString? (readonly)

The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).

It is used to validate the key integrity.

For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.



68
69
70
# File 'payment_cryptography/cfn_key_props.rb', line 68

def key_check_value_algorithm
  @key_check_value_algorithm
end

#policyString? (readonly)

The resource-based policy attached to the key, in JSON format.



73
74
75
# File 'payment_cryptography/cfn_key_props.rb', line 73

def policy
  @policy
end

#replication_regionsArray<String>? (readonly)

The list of AWS Regions to remove from the key's replication configuration.

The key will no longer be available for cryptographic operations in these regions after removal. Ensure no active operations depend on the key in these regions before removal.



80
81
82
# File 'payment_cryptography/cfn_key_props.rb', line 80

def replication_regions
  @replication_regions
end

#tagsArray<AWSCDK::CfnTag>? (readonly)



83
84
85
# File 'payment_cryptography/cfn_key_props.rb', line 83

def tags
  @tags
end

Class Method Details

.jsii_propertiesObject



85
86
87
88
89
90
91
92
93
94
95
96
# File 'payment_cryptography/cfn_key_props.rb', line 85

def self.jsii_properties
  {
    :exportable => "exportable",
    :key_attributes => "keyAttributes",
    :derive_key_usage => "deriveKeyUsage",
    :enabled => "enabled",
    :key_check_value_algorithm => "keyCheckValueAlgorithm",
    :policy => "policy",
    :replication_regions => "replicationRegions",
    :tags => "tags",
  }
end

Instance Method Details

#to_jsiiObject



98
99
100
101
102
103
104
105
106
107
108
109
110
111
# File 'payment_cryptography/cfn_key_props.rb', line 98

def to_jsii
  result = {}
  result.merge!({
    "exportable" => @exportable,
    "keyAttributes" => @key_attributes,
    "deriveKeyUsage" => @derive_key_usage,
    "enabled" => @enabled,
    "keyCheckValueAlgorithm" => @key_check_value_algorithm,
    "policy" => @policy,
    "replicationRegions" => @replication_regions,
    "tags" => @tags,
  })
  result.compact
end