software.amazon.awssdk.services.kms.model

Class CustomKeyStoresListEntry

java.lang.Object

software.amazon.awssdk.services.kms.model.CustomKeyStoresListEntry

All Implemented Interfaces:

Serializable, SdkPojo, ToCopyableBuilder<CustomKeyStoresListEntry.Builder,CustomKeyStoresListEntry>

@Generated(value="software.amazon.awssdk:codegen")
public final class CustomKeyStoresListEntry
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<CustomKeyStoresListEntry.Builder,CustomKeyStoresListEntry>

Contains information about each custom key store in the custom key store list.

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	CustomKeyStoresListEntry.Builder

Method Summary

Modifier and Type	Method and Description
static CustomKeyStoresListEntry.Builder	builder()
String	cloudHsmClusterId() A unique identifier for the CloudHSM cluster that is associated with the custom key store.
ConnectionErrorCodeType	connectionErrorCode() Describes the connection error.
String	connectionErrorCodeAsString() Describes the connection error.
ConnectionStateType	connectionState() Indicates whether the custom key store is connected to its CloudHSM cluster.
String	connectionStateAsString() Indicates whether the custom key store is connected to its CloudHSM cluster.
Instant	creationDate() The date and time when the custom key store was created.
String	customKeyStoreId() A unique identifier for the custom key store.
String	customKeyStoreName() The user-specified friendly name for the custom key store.
boolean	equals(Object obj)
boolean	equalsBySdkFields(Object obj)
<T> Optional<T>	getValueForField(String fieldName, Class<T> clazz)
int	hashCode()
List<SdkField<?>>	sdkFields()
static Class<? extends CustomKeyStoresListEntry.Builder>	serializableBuilderClass()
CustomKeyStoresListEntry.Builder	toBuilder()
String	toString() Returns a string representation of this object.
String	trustAnchorCertificate() The trust anchor certificate of the associated CloudHSM cluster.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

copy

Method Detail

customKeyStoreId

public final String customKeyStoreId()

A unique identifier for the custom key store.

Returns:

A unique identifier for the custom key store.

customKeyStoreName

public final String customKeyStoreName()

The user-specified friendly name for the custom key store.

Returns:

The user-specified friendly name for the custom key store.

cloudHsmClusterId

public final String cloudHsmClusterId()

A unique identifier for the CloudHSM cluster that is associated with the custom key store.

Returns:

A unique identifier for the CloudHSM cluster that is associated with the custom key store.

trustAnchorCertificate

public final String trustAnchorCertificate()

The trust anchor certificate of the associated CloudHSM cluster. When you initialize the cluster, you create this certificate and save it in the customerCA.crt file.

Returns:

The trust anchor certificate of the associated CloudHSM cluster. When you initialize the cluster, you create this certificate and save it in the customerCA.crt file.

connectionState

public final ConnectionStateType connectionState()

Indicates whether the custom key store is connected to its CloudHSM cluster.

You can create and use KMS keys in your custom key stores only when its connection state is CONNECTED.

The value is DISCONNECTED if the key store has never been connected or you use the DisconnectCustomKeyStore operation to disconnect it. If the value is CONNECTED but you are having trouble using the custom key store, make sure that its associated CloudHSM cluster is active and contains at least one active HSM.

A value of FAILED indicates that an attempt to connect was unsuccessful. The ConnectionErrorCode field in the response indicates the cause of the failure. For help resolving a connection failure, see Troubleshooting a Custom Key Store in the Key Management Service Developer Guide.

If the service returns an enum value that is not available in the current SDK version, connectionState will return ConnectionStateType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from connectionStateAsString().

Returns:

Indicates whether the custom key store is connected to its CloudHSM cluster.

You can create and use KMS keys in your custom key stores only when its connection state is CONNECTED.

The value is DISCONNECTED if the key store has never been connected or you use the DisconnectCustomKeyStore operation to disconnect it. If the value is CONNECTED but you are having trouble using the custom key store, make sure that its associated CloudHSM cluster is active and contains at least one active HSM.

A value of FAILED indicates that an attempt to connect was unsuccessful. The ConnectionErrorCode field in the response indicates the cause of the failure. For help resolving a connection failure, see Troubleshooting a Custom Key Store in the Key Management Service Developer Guide.

See Also:

ConnectionStateType

connectionStateAsString

public final String connectionStateAsString()

Indicates whether the custom key store is connected to its CloudHSM cluster.

You can create and use KMS keys in your custom key stores only when its connection state is CONNECTED.

The value is DISCONNECTED if the key store has never been connected or you use the DisconnectCustomKeyStore operation to disconnect it. If the value is CONNECTED but you are having trouble using the custom key store, make sure that its associated CloudHSM cluster is active and contains at least one active HSM.

A value of FAILED indicates that an attempt to connect was unsuccessful. The ConnectionErrorCode field in the response indicates the cause of the failure. For help resolving a connection failure, see Troubleshooting a Custom Key Store in the Key Management Service Developer Guide.

If the service returns an enum value that is not available in the current SDK version, connectionState will return ConnectionStateType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from connectionStateAsString().

Returns:

Indicates whether the custom key store is connected to its CloudHSM cluster.

You can create and use KMS keys in your custom key stores only when its connection state is CONNECTED.

The value is DISCONNECTED if the key store has never been connected or you use the DisconnectCustomKeyStore operation to disconnect it. If the value is CONNECTED but you are having trouble using the custom key store, make sure that its associated CloudHSM cluster is active and contains at least one active HSM.

A value of FAILED indicates that an attempt to connect was unsuccessful. The ConnectionErrorCode field in the response indicates the cause of the failure. For help resolving a connection failure, see Troubleshooting a Custom Key Store in the Key Management Service Developer Guide.

See Also:

ConnectionStateType

connectionErrorCode

public final ConnectionErrorCodeType connectionErrorCode()

Describes the connection error. This field appears in the response only when the ConnectionState is FAILED. For help resolving these errors, see How to Fix a Connection Failure in Key Management Service Developer Guide.

Valid values are:

• CLUSTER_NOT_FOUND - KMS cannot find the CloudHSM cluster with the specified cluster ID.

• INSUFFICIENT_CLOUDHSM_HSMS - The associated CloudHSM cluster does not contain any active HSMs. To connect a custom key store to its CloudHSM cluster, the cluster must contain at least one active HSM.

• INTERNAL_ERROR - KMS could not complete the request due to an internal error. Retry the request. For ConnectCustomKeyStore requests, disconnect the custom key store before trying to connect again.

• INVALID_CREDENTIALS - KMS does not have the correct password for the kmsuser crypto user in the CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• NETWORK_ERRORS - Network errors are preventing KMS from connecting to the custom key store.

• SUBNET_NOT_FOUND - A subnet in the CloudHSM cluster configuration was deleted. If KMS cannot find all of the subnets in the cluster configuration, attempts to connect the custom key store to the CloudHSM cluster fail. To fix this error, create a cluster from a recent backup and associate it with your custom key store. (This process creates a new cluster configuration with a VPC and private subnets.) For details, see How to Fix a Connection Failure in the Key Management Service Developer Guide.

• USER_LOCKED_OUT - The kmsuser CU account is locked out of the associated CloudHSM cluster due to too many failed password attempts. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• USER_LOGGED_IN - The kmsuser CU account is logged into the the associated CloudHSM cluster. This prevents KMS from rotating the kmsuser account password and logging into the cluster. Before you can connect your custom key store to its CloudHSM cluster, you must log the kmsuser CU out of the cluster. If you changed the kmsuser password to log into the cluster, you must also and update the key store password value for the custom key store. For help, see How to Log Out and Reconnect in the Key Management Service Developer Guide.

• USER_NOT_FOUND - KMS cannot find a kmsuser CU account in the associated CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must create a kmsuser CU account in the cluster, and then update the key store password value for the custom key store.

If the service returns an enum value that is not available in the current SDK version, connectionErrorCode will return ConnectionErrorCodeType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from connectionErrorCodeAsString().

Returns:

Describes the connection error. This field appears in the response only when the ConnectionState is FAILED. For help resolving these errors, see How to Fix a Connection Failure in Key Management Service Developer Guide.

Valid values are:

• CLUSTER_NOT_FOUND - KMS cannot find the CloudHSM cluster with the specified cluster ID.

• INSUFFICIENT_CLOUDHSM_HSMS - The associated CloudHSM cluster does not contain any active HSMs. To connect a custom key store to its CloudHSM cluster, the cluster must contain at least one active HSM.

• INTERNAL_ERROR - KMS could not complete the request due to an internal error. Retry the request. For ConnectCustomKeyStore requests, disconnect the custom key store before trying to connect again.

• INVALID_CREDENTIALS - KMS does not have the correct password for the kmsuser crypto user in the CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• NETWORK_ERRORS - Network errors are preventing KMS from connecting to the custom key store.

• SUBNET_NOT_FOUND - A subnet in the CloudHSM cluster configuration was deleted. If KMS cannot find all of the subnets in the cluster configuration, attempts to connect the custom key store to the CloudHSM cluster fail. To fix this error, create a cluster from a recent backup and associate it with your custom key store. (This process creates a new cluster configuration with a VPC and private subnets.) For details, see How to Fix a Connection Failure in the Key Management Service Developer Guide.

• USER_LOCKED_OUT - The kmsuser CU account is locked out of the associated CloudHSM cluster due to too many failed password attempts. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• USER_LOGGED_IN - The kmsuser CU account is logged into the the associated CloudHSM cluster. This prevents KMS from rotating the kmsuser account password and logging into the cluster. Before you can connect your custom key store to its CloudHSM cluster, you must log the kmsuser CU out of the cluster. If you changed the kmsuser password to log into the cluster, you must also and update the key store password value for the custom key store. For help, see How to Log Out and Reconnect in the Key Management Service Developer Guide.

• USER_NOT_FOUND - KMS cannot find a kmsuser CU account in the associated CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must create a kmsuser CU account in the cluster, and then update the key store password value for the custom key store.

See Also:

ConnectionErrorCodeType

connectionErrorCodeAsString

public final String connectionErrorCodeAsString()

Describes the connection error. This field appears in the response only when the ConnectionState is FAILED. For help resolving these errors, see How to Fix a Connection Failure in Key Management Service Developer Guide.

Valid values are:

• CLUSTER_NOT_FOUND - KMS cannot find the CloudHSM cluster with the specified cluster ID.

• INSUFFICIENT_CLOUDHSM_HSMS - The associated CloudHSM cluster does not contain any active HSMs. To connect a custom key store to its CloudHSM cluster, the cluster must contain at least one active HSM.

• INTERNAL_ERROR - KMS could not complete the request due to an internal error. Retry the request. For ConnectCustomKeyStore requests, disconnect the custom key store before trying to connect again.

• INVALID_CREDENTIALS - KMS does not have the correct password for the kmsuser crypto user in the CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• NETWORK_ERRORS - Network errors are preventing KMS from connecting to the custom key store.

• SUBNET_NOT_FOUND - A subnet in the CloudHSM cluster configuration was deleted. If KMS cannot find all of the subnets in the cluster configuration, attempts to connect the custom key store to the CloudHSM cluster fail. To fix this error, create a cluster from a recent backup and associate it with your custom key store. (This process creates a new cluster configuration with a VPC and private subnets.) For details, see How to Fix a Connection Failure in the Key Management Service Developer Guide.

• USER_LOCKED_OUT - The kmsuser CU account is locked out of the associated CloudHSM cluster due to too many failed password attempts. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• USER_LOGGED_IN - The kmsuser CU account is logged into the the associated CloudHSM cluster. This prevents KMS from rotating the kmsuser account password and logging into the cluster. Before you can connect your custom key store to its CloudHSM cluster, you must log the kmsuser CU out of the cluster. If you changed the kmsuser password to log into the cluster, you must also and update the key store password value for the custom key store. For help, see How to Log Out and Reconnect in the Key Management Service Developer Guide.

• USER_NOT_FOUND - KMS cannot find a kmsuser CU account in the associated CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must create a kmsuser CU account in the cluster, and then update the key store password value for the custom key store.

If the service returns an enum value that is not available in the current SDK version, connectionErrorCode will return ConnectionErrorCodeType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from connectionErrorCodeAsString().

Returns:

Describes the connection error. This field appears in the response only when the ConnectionState is FAILED. For help resolving these errors, see How to Fix a Connection Failure in Key Management Service Developer Guide.

Valid values are:

• CLUSTER_NOT_FOUND - KMS cannot find the CloudHSM cluster with the specified cluster ID.

• INSUFFICIENT_CLOUDHSM_HSMS - The associated CloudHSM cluster does not contain any active HSMs. To connect a custom key store to its CloudHSM cluster, the cluster must contain at least one active HSM.

• INTERNAL_ERROR - KMS could not complete the request due to an internal error. Retry the request. For ConnectCustomKeyStore requests, disconnect the custom key store before trying to connect again.

• INVALID_CREDENTIALS - KMS does not have the correct password for the kmsuser crypto user in the CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• NETWORK_ERRORS - Network errors are preventing KMS from connecting to the custom key store.

• SUBNET_NOT_FOUND - A subnet in the CloudHSM cluster configuration was deleted. If KMS cannot find all of the subnets in the cluster configuration, attempts to connect the custom key store to the CloudHSM cluster fail. To fix this error, create a cluster from a recent backup and associate it with your custom key store. (This process creates a new cluster configuration with a VPC and private subnets.) For details, see How to Fix a Connection Failure in the Key Management Service Developer Guide.

• USER_LOCKED_OUT - The kmsuser CU account is locked out of the associated CloudHSM cluster due to too many failed password attempts. Before you can connect your custom key store to its CloudHSM cluster, you must change the kmsuser account password and update the key store password value for the custom key store.

• USER_LOGGED_IN - The kmsuser CU account is logged into the the associated CloudHSM cluster. This prevents KMS from rotating the kmsuser account password and logging into the cluster. Before you can connect your custom key store to its CloudHSM cluster, you must log the kmsuser CU out of the cluster. If you changed the kmsuser password to log into the cluster, you must also and update the key store password value for the custom key store. For help, see How to Log Out and Reconnect in the Key Management Service Developer Guide.

• USER_NOT_FOUND - KMS cannot find a kmsuser CU account in the associated CloudHSM cluster. Before you can connect your custom key store to its CloudHSM cluster, you must create a kmsuser CU account in the cluster, and then update the key store password value for the custom key store.

See Also:

ConnectionErrorCodeType

creationDate

public final Instant creationDate()

The date and time when the custom key store was created.

Returns:

The date and time when the custom key store was created.

toBuilder

public CustomKeyStoresListEntry.Builder toBuilder()

Specified by:

toBuilder in interface ToCopyableBuilder<CustomKeyStoresListEntry.Builder,CustomKeyStoresListEntry>

builder

public static CustomKeyStoresListEntry.Builder builder()

serializableBuilderClass

public static Class<? extends CustomKeyStoresListEntry.Builder> serializableBuilderClass()

hashCode

public final int hashCode()

Overrides:

hashCode in class Object

equals

public final boolean equals(Object obj)

Overrides:

equals in class Object

equalsBySdkFields

public final boolean equalsBySdkFields(Object obj)

Specified by:

equalsBySdkFields in interface SdkPojo

toString

public final String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

getValueForField

public final <T> Optional<T> getValueForField(String fieldName,
                                              Class<T> clazz)

sdkFields

public final List<SdkField<?>> sdkFields()

Specified by:

sdkFields in interface SdkPojo