Package com.mongodb.client.model.vault
Class DataKeyOptions
- java.lang.Object
-
- com.mongodb.client.model.vault.DataKeyOptions
-
public class DataKeyOptions extends Object
The options for creating a data key.- Since:
- 3.11
-
-
Constructor Summary
Constructors Constructor Description DataKeyOptions()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description List<String>
getKeyAltNames()
Gets the alternate key names.BsonDocument
getMasterKey()
Gets the master key documentDataKeyOptions
keyAltNames(List<String> keyAltNames)
Set the alternate key names.DataKeyOptions
masterKey(BsonDocument masterKey)
Sets the master key document.String
toString()
-
-
-
Method Detail
-
keyAltNames
public DataKeyOptions keyAltNames(List<String> keyAltNames)
Set the alternate key names.- Parameters:
keyAltNames
- a list of alternate key names- Returns:
- this
- See Also:
getKeyAltNames()
-
masterKey
public DataKeyOptions masterKey(BsonDocument masterKey)
Sets the master key document.- Parameters:
masterKey
- the master key document- Returns:
- this
- See Also:
getMasterKey()
-
getKeyAltNames
public List<String> getKeyAltNames()
Gets the alternate key names.An optional list of alternate names used to reference a key. If a key is created with alternate names, then encryption may refer to the key by the unique alternate name instead of by _id.
- Returns:
- the list of alternate key names
-
getMasterKey
public BsonDocument getMasterKey()
Gets the master key documentThe masterKey identifies a KMS-specific key used to encrypt the new data key.
If the kmsProvider is "aws" the master key is required and must contain the following fields:
- region: a String containing the AWS region in which to locate the master key
- key: a String containing the Amazon Resource Name (ARN) to the AWS customer master key
If the kmsProvider is "azure" the master key is required and must contain the following fields:
- keyVaultEndpoint: a String with the host name and an optional port. Example: "example.vault.azure.net".
- keyName: a String
- keyVersion: an optional String, the specific version of the named key, defaults to using the key's primary version.
If the kmsProvider is "gcp" the master key is required and must contain the following fields:
- projectId: a String
- location: String
- keyRing: String
- keyName: String
- keyVersion: an optional String, the specific version of the named key, defaults to using the key's primary version.
- endpoint: an optional String, with the host with optional port. Defaults to "cloudkms.googleapis.com".
If the kmsProvider is "kmip" the master key is required and must contain the following fields:
- keyId: optional String, keyId is the KMIP Unique Identifier to a 96 byte KMIP Secret Data managed object. If keyId is omitted, the driver creates a random 96 byte KMIP Secret Data managed object.
- endpoint: a String, the endpoint as a host with required port. e.g. "example.com:443". If endpoint is not provided, it defaults to the required endpoint from the KMS providers map.
If the kmsProvider is "local" the masterKey is not applicable.
- Returns:
- the master key document
-
-