amazonka-kms-0.0.7: Amazon Key Management Service SDK.

Safe HaskellNone
LanguageHaskell2010

Network.AWS.KMS.ReEncrypt

Contents

Description

Encrypts data on the server side with a new customer master key without exposing the plaintext of the data on the client side. The data is first decrypted and then encrypted. This operation can also be used to change the encryption context of a ciphertext.

http://docs.aws.amazon.com/kms/latest/APIReference/API_ReEncrypt.html

Synopsis

Request

Request constructor

Request lenses

reCiphertextBlob :: Lens' ReEncrypt Base64 Source

Ciphertext of the data to re-encrypt.

reDestinationEncryptionContext :: Lens' ReEncrypt (HashMap Text Text) Source

Encryption context to be used when the data is re-encrypted.

reDestinationKeyId :: Lens' ReEncrypt Text Source

Key identifier of the key used to re-encrypt the data.

reGrantTokens :: Lens' ReEncrypt [Text] Source

Grant tokens that identify the grants that have permissions for the encryption and decryption process.

reSourceEncryptionContext :: Lens' ReEncrypt (HashMap Text Text) Source

Encryption context used to encrypt and decrypt the data specified in the CiphertextBlob parameter.

Response

Response constructor

reEncryptResponse :: ReEncryptResponse Source

ReEncryptResponse constructor.

The fields accessible through corresponding lenses are:

Response lenses

rerKeyId :: Lens' ReEncryptResponse (Maybe Text) Source

Unique identifier of the key used to re-encrypt the data.

rerSourceKeyId :: Lens' ReEncryptResponse (Maybe Text) Source

Unique identifier of the key used to originally encrypt the data.