Class: Aws::KMS::Types::GenerateDataKeyPairResponse

Inherits:

Struct

• Object
• Struct
• Aws::KMS::Types::GenerateDataKeyPairResponse

Includes:

Structure

Defined in:

lib/aws-sdk-kms/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[:private_key_plaintext]

Instance Attribute Summary

• #ciphertext_for_recipient ⇒ String

  The plaintext private data key encrypted with the public key from the attestation document.

• #key_id ⇒ String

  The Amazon Resource Name ([key ARN]) of the KMS key that encrypted the private key.

• #key_material_id ⇒ String

  The identifier of the key material used to encrypt the private key.

• #key_pair_spec ⇒ String

  The type of data key pair that was generated.

• #private_key_ciphertext_blob ⇒ String

  The encrypted copy of the private key.

• #private_key_plaintext ⇒ String

  The plaintext copy of the private key.

• #public_key ⇒ String

  The public key (in plaintext).

Instance Attribute Details

#ciphertext_for_recipient ⇒ String

The plaintext private data key encrypted with the public key from the attestation document. This ciphertext can be decrypted only by using a private key from the attested environment.

This field is included in the response only when the ‘Recipient` parameter in the request includes a valid attestation document from an Amazon Web Services Nitro enclave or NitroTPM. For information about the interaction between KMS and Amazon Web Services Nitro Enclaves or Amazon Web Services NitroTPM, see [Cryptographic attestation support in KMS] in the *Key Management Service Developer Guide*.

[1]: docs.aws.amazon.com/kms/latest/developerguide/cryptographic-attestation.html

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end

#key_id ⇒ String

The Amazon Resource Name ([key ARN]) of the KMS key that encrypted the private key.

[1]: docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end

#key_material_id ⇒ String

The identifier of the key material used to encrypt the private key.

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end

#key_pair_spec ⇒ String

The type of data key pair that was generated.

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end

#private_key_ciphertext_blob ⇒ String

The encrypted copy of the private key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end

#private_key_plaintext ⇒ String

The plaintext copy of the private key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

If the response includes the ‘CiphertextForRecipient` field, the `PrivateKeyPlaintext` field is null or empty.

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end

#public_key ⇒ String

The public key (in plaintext). When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

Returns:

• (String)

# File 'lib/aws-sdk-kms/types.rb', line 2807

class GenerateDataKeyPairResponse < Struct.new(
  :private_key_ciphertext_blob,
  :private_key_plaintext,
  :public_key,
  :key_id,
  :key_pair_spec,
  :ciphertext_for_recipient,
  :key_material_id)
  SENSITIVE = [:private_key_plaintext]
  include Aws::Structure
end