Package com.oracle.bmc.keymanagement

Class KmsManagementClient

    • Field Detail

      • SERVICE

        public static final Service SERVICE
        Service instance for KmsManagement.

      • clientCommonLibraryVersion

        public final String clientCommonLibraryVersion
        Compatible SDK version, provided by the codegen.

      • minimumClientCommonLibraryVersionFromClient

        public final Optional<String> minimumClientCommonLibraryVersionFromClient
        Minimum compatible SDK version, maybe provided by the codegen.

    • Constructor Detail

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(BasicAuthenticationDetailsProvider authenticationDetailsProvider)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(BasicAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(BasicAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration,
                           ClientConfigurator clientConfigurator)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration
        clientConfigurator - Builder#clientConfigurator

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration,
                           ClientConfigurator clientConfigurator,
                           RequestSignerFactory defaultRequestSignerFactory)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration
        clientConfigurator - Builder#clientConfigurator
        defaultRequestSignerFactory - Builder#requestSignerFactory

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration,
                           ClientConfigurator clientConfigurator,
                           RequestSignerFactory defaultRequestSignerFactory,
                           List<ClientConfigurator> additionalClientConfigurators)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration
        clientConfigurator - Builder#clientConfigurator
        defaultRequestSignerFactory - Builder#requestSignerFactory
        additionalClientConfigurators - Builder#additionalClientConfigurators

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration,
                           ClientConfigurator clientConfigurator,
                           RequestSignerFactory defaultRequestSignerFactory,
                           List<ClientConfigurator> additionalClientConfigurators,
                           String endpoint)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration
        clientConfigurator - Builder#clientConfigurator
        defaultRequestSignerFactory - Builder#requestSignerFactory
        additionalClientConfigurators - Builder#additionalClientConfigurators
        endpoint - Builder#endpoint

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration,
                           ClientConfigurator clientConfigurator,
                           RequestSignerFactory defaultRequestSignerFactory,
                           Map<SigningStrategy,​RequestSignerFactory> signingStrategyRequestSignerFactories,
                           List<ClientConfigurator> additionalClientConfigurators,
                           String endpoint)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration
        clientConfigurator - Builder#clientConfigurator
        defaultRequestSignerFactory - Builder#requestSignerFactory
        additionalClientConfigurators - Builder#additionalClientConfigurators
        endpoint - Builder#endpoint
        signingStrategyRequestSignerFactories - Builder#signingStrategyRequestSignerFactories

      • KmsManagementClient

        @Deprecated
public KmsManagementClient​(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
                           ClientConfiguration configuration,
                           ClientConfigurator clientConfigurator,
                           RequestSignerFactory defaultRequestSignerFactory,
                           Map<SigningStrategy,​RequestSignerFactory> signingStrategyRequestSignerFactories,
                           List<ClientConfigurator> additionalClientConfigurators,
                           String endpoint,
                           ExecutorService executorService)
        Deprecated.
        Use the builder instead.
        Create a new client instance.
        Parameters:
        authenticationDetailsProvider - The authentication details (see Builder#build)
        configuration - Builder#configuration
        clientConfigurator - Builder#clientConfigurator
        defaultRequestSignerFactory - Builder#requestSignerFactory
        additionalClientConfigurators - Builder#additionalClientConfigurators
        endpoint - Builder#endpoint
        signingStrategyRequestSignerFactories - Builder#signingStrategyRequestSignerFactories
        executorService - Builder#executorService

    • Method Detail

      • backupKey

        public BackupKeyResponse backupKey​(BackupKeyRequest request)
        Description copied from interface: KmsManagement
        Backs up an encrypted file that contains all key versions and metadata of the specified key so that you can restore the key later.

        The file also contains the metadata of the vault that the key belonged to.

        Specified by:
        backupKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • cancelKeyDeletion

        public CancelKeyDeletionResponse cancelKeyDeletion​(CancelKeyDeletionRequest request)
        Description copied from interface: KmsManagement
        Cancels the scheduled deletion of the specified key.

        Canceling a scheduled deletion restores the key’s lifecycle state to what it was before its scheduled deletion.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        cancelKeyDeletion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • cancelKeyVersionDeletion

        public CancelKeyVersionDeletionResponse cancelKeyVersionDeletion​(CancelKeyVersionDeletionRequest request)
        Description copied from interface: KmsManagement
        Cancels the scheduled deletion of the specified key version.

        Canceling a scheduled deletion restores the key version to its lifecycle state from before its scheduled deletion.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        cancelKeyVersionDeletion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • changeKeyCompartment

        public ChangeKeyCompartmentResponse changeKeyCompartment​(ChangeKeyCompartmentRequest request)
        Description copied from interface: KmsManagement
        Moves a key into a different compartment within the same tenancy.

        For information about moving resources between compartments, see Moving Resources to a Different Compartment.

        When provided, if-match is checked against the ETag values of the key.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        changeKeyCompartment in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • createKey

        public CreateKeyResponse createKey​(CreateKeyRequest request)
        Description copied from interface: KmsManagement
        Creates a new master encryption key.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        createKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • createKeyVersion

        public CreateKeyVersionResponse createKeyVersion​(CreateKeyVersionRequest request)
        Description copied from interface: KmsManagement
        Generates a new KeyVersion resource that provides new cryptographic material for a master encryption key.

        The key must be in an ENABLED state to be rotated.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        createKeyVersion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • disableKey

        public DisableKeyResponse disableKey​(DisableKeyRequest request)
        Description copied from interface: KmsManagement
        Disables a master encryption key so it can no longer be used for encryption, decryption, or generating new data encryption keys.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        disableKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • enableKey

        public EnableKeyResponse enableKey​(EnableKeyRequest request)
        Description copied from interface: KmsManagement
        Enables a master encryption key so it can be used for encryption, decryption, or generating new data encryption keys.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        enableKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getKey

        public GetKeyResponse getKey​(GetKeyRequest request)
        Description copied from interface: KmsManagement
        Gets information about the specified master encryption key.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management read operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        getKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getKeyVersion

        public GetKeyVersionResponse getKeyVersion​(GetKeyVersionRequest request)
        Description copied from interface: KmsManagement
        Gets information about the specified key version.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management read operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        getKeyVersion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getReplicationStatus

        public GetReplicationStatusResponse getReplicationStatus​(GetReplicationStatusRequest request)
        Description copied from interface: KmsManagement
        When a vault has a replica, each operation on the vault or its resources, such as keys, is replicated and has an associated replicationId.

        Replication status provides details about whether the operation associated with the given replicationId has been successfully applied across replicas.

        Specified by:
        getReplicationStatus in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getWrappingKey

        public GetWrappingKeyResponse getWrappingKey​(GetWrappingKeyRequest request)
        Description copied from interface: KmsManagement
        Gets details about the public RSA wrapping key associated with the vault in the endpoint.

        Each vault has an RSA key-pair that wraps and unwraps AES key material for import into Key Management.

        Specified by:
        getWrappingKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • importKey

        public ImportKeyResponse importKey​(ImportKeyRequest request)
        Description copied from interface: KmsManagement
        Imports AES and RSA keys to create a new key.

        The key material must be base64-encoded and wrapped by the vault’s public RSA wrapping key before you can import it. Key Management supports both RSA and AES keys. The AES keys are symmetric keys of length 128 bits (16 bytes), 192 bits (24 bytes), or 256 bits (32 bytes), and the RSA keys are asymmetric keys of length 2048 bits (256 bytes), 3072 bits (384 bytes), and 4096 bits (512 bytes). Furthermore, the key length must match what you specify at the time of import. When importing an asymmetric key, only private key must be wrapped in PKCS8 format while the corresponding public key is generated internally by KMS.

        Specified by:
        importKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • importKeyVersion

        public ImportKeyVersionResponse importKeyVersion​(ImportKeyVersionRequest request)
        Description copied from interface: KmsManagement
        Imports AES key material to create a new key version and then rotate the key to begin using the new key version.

        The key material must be base64-encoded and wrapped by the vault’s public RSA wrapping key before you can import it. Key Management supports AES symmetric keys that are exactly 16, 24, or 32 bytes. Furthermore, the key length must match the length of the specified key and what you specify as the length at the time of import. When importing an asymmetric key, only the private key must be wrapped in PKCS8 format while the corresponding public key is generated internally by KMS.

        Specified by:
        importKeyVersion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • listKeyVersions

        public ListKeyVersionsResponse listKeyVersions​(ListKeyVersionsRequest request)
        Description copied from interface: KmsManagement
        Lists all KeyVersion resources for the specified master encryption key.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management read operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        listKeyVersions in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • listKeys

        public ListKeysResponse listKeys​(ListKeysRequest request)
        Description copied from interface: KmsManagement
        Lists the master encryption keys in the specified vault and compartment.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management read operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        listKeys in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • restoreKeyFromFile

        public RestoreKeyFromFileResponse restoreKeyFromFile​(RestoreKeyFromFileRequest request)
        Description copied from interface: KmsManagement
        Restores the specified key to the specified vault, based on information in the backup file provided.

        If the vault doesn’t exist, the operation returns a response with a 404 HTTP status error code. You need to first restore the vault associated with the key.

        Note: This operation consumes a stream.

        If the stream supports InputStream.mark(int) and InputStream.reset(), when a retry is necessary, the stream is reset so it starts at the beginning (or whatever the stream's position was at the time this operation is called}.

        Note this means that if the caller has used InputStream.mark(int) before, then the mark will not be the same anymore after this operation, and a subsequent call to InputStream.reset() by the caller will reset the stream not to the caller's mark, but to the position the stream was in when this operation was called.

        If the stream is a FileInputStream, and the stream's FileChannel position can be changed (like for a regular file), the stream will be wrapped in such a way that it does provide support for InputStream.mark(int) and InputStream.reset(). Then the same procedure as above is followed. If the stream's FileChannel position cannot be changed (like for a named pipe), then the stream's contents will be buffered in memory, as described below.

        If the stream does not support InputStream.mark(int) and InputStream.reset(), then the stream is wrapped in a BufferedInputStream, which means the entire contents may be buffered in memory. Then the same procedure as above is followed.

        The contents of the stream, except when the stream is a FileInputStream whose FileChannel position can be changed, should be less than 2 GiB in size if retries are used. This is because streams 2 GiB in size or larger do no guarantee that mark-and-reset can be performed. If the stream is larger, do not use built-in retries and manage retries yourself.

        Specified by:
        restoreKeyFromFile in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • restoreKeyFromObjectStore

        public RestoreKeyFromObjectStoreResponse restoreKeyFromObjectStore​(RestoreKeyFromObjectStoreRequest request)
        Description copied from interface: KmsManagement
        Restores the specified key to the specified vault from an Oracle Cloud Infrastructure Object Storage location.

        If the vault doesn’t exist, the operation returns a response with a 404 HTTP status error code. You need to first restore the vault associated with the key.

        Specified by:
        restoreKeyFromObjectStore in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • scheduleKeyDeletion

        public ScheduleKeyDeletionResponse scheduleKeyDeletion​(ScheduleKeyDeletionRequest request)
        Description copied from interface: KmsManagement
        Schedules the deletion of the specified key.

        This sets the lifecycle state of the key to PENDING_DELETION and then deletes it after the specified retention period ends.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        scheduleKeyDeletion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • scheduleKeyVersionDeletion

        public ScheduleKeyVersionDeletionResponse scheduleKeyVersionDeletion​(ScheduleKeyVersionDeletionRequest request)
        Description copied from interface: KmsManagement
        Schedules the deletion of the specified key version.

        This sets the lifecycle state of the key version to PENDING_DELETION and then deletes it after the specified retention period ends.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        scheduleKeyVersionDeletion in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • updateKey

        public UpdateKeyResponse updateKey​(UpdateKeyRequest request)
        Description copied from interface: KmsManagement
        Updates the properties of a master encryption key.

        Specifically, you can update the displayName, freeformTags, and definedTags properties. Furthermore, the key must be in an ENABLED or CREATING state to be updated.

        As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        updateKey in interface KmsManagement
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getPaginators

        public KmsManagementPaginators getPaginators()
        Description copied from interface: KmsManagement
        Gets the pre-configured paginators available for list operations in this service which may return multiple pages of data.

        These paginators provide an Iterable interface so that service responses, or resources/records, can be iterated through without having to manually deal with pagination and page tokens.

        Specified by:
        getPaginators in interface KmsManagement
        Returns:
        The service paginators.

      • useRealmSpecificEndpointTemplate

        public void useRealmSpecificEndpointTemplate​(boolean useOfRealmSpecificEndpointTemplateEnabled)
        This method should be used to enable or disable the use of realm-specific endpoint template.

        The default value is null. To enable the use of endpoint template defined for the realm in use, set the flag to true To disable the use of endpoint template defined for the realm in use, set the flag to false

        Parameters:
        useOfRealmSpecificEndpointTemplateEnabled - This flag can be set to true or false to enable or disable the use of realm-specific endpoint template respectively

      • populateServiceParametersInEndpoint

        public final void populateServiceParametersInEndpoint​(String endpoint,
                                                      Map<String,​Object> requiredParametersMap)
        Populate the parameters in the endpoint with its corresponding value and update the base endpoint.

        The value will be populated iff the parameter in endpoint is a required request path parameter or a required request query parameter. If not, the parameter in the endpoint will be ignored and left blank.

        Parameters:
        endpoint - The endpoint template in use
        requiredParametersMap - Map of parameter name as key and value set in request path or query parameter as value

      • updateBaseEndpoint

        public final void updateBaseEndpoint​(String endpoint)
        This method should be used for parameterized endpoint templates only.

        This does not include {region} and {secondLevelDomain} parameters.

        Parameters:
        endpoint - The updated endpoint to use

      • setEndpoint

        public final void setEndpoint​(String endpoint)

      • getEndpoint

        public final String getEndpoint()

      • refreshClient

        public final void refreshClient()
        Rebuild the backing HttpClient.

        This will call ClientConfigurators again, and can be used to e.g. refresh the SSL certificate.

      • setRegion

        protected void setRegion​(Region region)

      • setRegion

        protected void setRegion​(String regionId)

      • getClientCommonLibraryVersion

        public String getClientCommonLibraryVersion()

      • getMinimumClientCommonLibraryVersionFromClient

        public Optional<String> getMinimumClientCommonLibraryVersionFromClient()