| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
Network.AWS.KMS.GenerateDataKey
Description
Generates a secure data key. Data keys are used to encrypt and decrypt data. They are wrapped by customer master keys.
http://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html
- data GenerateDataKey
- generateDataKey :: Text -> GenerateDataKey
- gdkEncryptionContext :: Lens' GenerateDataKey (HashMap Text Text)
- gdkGrantTokens :: Lens' GenerateDataKey [Text]
- gdkKeyId :: Lens' GenerateDataKey Text
- gdkKeySpec :: Lens' GenerateDataKey (Maybe DataKeySpec)
- gdkNumberOfBytes :: Lens' GenerateDataKey (Maybe Natural)
- data GenerateDataKeyResponse
- generateDataKeyResponse :: GenerateDataKeyResponse
- gdkrCiphertextBlob :: Lens' GenerateDataKeyResponse (Maybe Base64)
- gdkrKeyId :: Lens' GenerateDataKeyResponse (Maybe Text)
- gdkrPlaintext :: Lens' GenerateDataKeyResponse (Maybe Base64)
Request
data GenerateDataKey Source
Request constructor
Arguments
| :: Text | |
| -> GenerateDataKey |
GenerateDataKey constructor.
The fields accessible through corresponding lenses are:
Request lenses
gdkEncryptionContext :: Lens' GenerateDataKey (HashMap Text Text) Source
Name/value pair that contains additional data to be authenticated during the encryption and decryption processes that use the key. This value is logged by AWS CloudTrail to provide context around the data encrypted by the key.
gdkGrantTokens :: Lens' GenerateDataKey [Text] Source
A list of grant tokens that represent grants which can be used to provide long term permissions to generate a key.
gdkKeyId :: Lens' GenerateDataKey Text Source
Unique identifier of the key. This can be an ARN, an alias, or a globally unique identifier.
gdkKeySpec :: Lens' GenerateDataKey (Maybe DataKeySpec) Source
Value that identifies the encryption algorithm and key size to generate a data key for. Currently this can be AES_128 or AES_256.
gdkNumberOfBytes :: Lens' GenerateDataKey (Maybe Natural) Source
Integer that contains the number of bytes to generate. Common values are 128, 256, 512, 1024 and so on. 1024 is the current limit.
Response
Response constructor
generateDataKeyResponse :: GenerateDataKeyResponse Source
GenerateDataKeyResponse constructor.
The fields accessible through corresponding lenses are:
Response lenses
gdkrCiphertextBlob :: Lens' GenerateDataKeyResponse (Maybe Base64) Source
Ciphertext that contains the wrapped key. You must store the blob and encryption context so that the ciphertext can be decrypted. You must provide both the ciphertext blob and the encryption context.
gdkrKeyId :: Lens' GenerateDataKeyResponse (Maybe Text) Source
System generated unique identifier for the key.
gdkrPlaintext :: Lens' GenerateDataKeyResponse (Maybe Base64) Source
Plaintext that contains the unwrapped key. Use this for encryption and decryption and then remove it from memory as soon as possible.