Package com.mongodb.client.model.vault
Class RewrapManyDataKeyOptions
java.lang.Object
com.mongodb.client.model.vault.RewrapManyDataKeyOptions
The rewrap many data key options
The getMasterKey()
document MUST have the fields corresponding to the given provider as specified in masterKey.
- Since:
- 4.7
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionGets the master key documentmasterKey
(BsonDocument masterKey) Sets the optional master key document.Sets the provider name
-
Constructor Details
-
RewrapManyDataKeyOptions
public RewrapManyDataKeyOptions()
-
-
Method Details
-
provider
Sets the provider name- Parameters:
provider
- the provider name- Returns:
- this
- See Also:
-
getProvider
- Returns:
- the provider name
-
masterKey
Sets the optional master key document.- Parameters:
masterKey
- the master key document- Returns:
- this
- See Also:
-
getMasterKey
Gets the master key documentThe masterKey identifies a KMS-specific key used to encrypt the new data key.
If the kmsProvider type is "aws" the master key is required and must contain the following fields:
- region: a String containing the AWS region in which to locate the master key
- key: a String containing the Amazon Resource Name (ARN) to the AWS customer master key
If the kmsProvider type is "azure" the master key is required and must contain the following fields:
- keyVaultEndpoint: a String with the host name and an optional port. Example: "example.vault.azure.net".
- keyName: a String
- keyVersion: an optional String, the specific version of the named key, defaults to using the key's primary version.
If the kmsProvider type is "gcp" the master key is required and must contain the following fields:
- projectId: a String
- location: String
- keyRing: String
- keyName: String
- keyVersion: an optional String, the specific version of the named key, defaults to using the key's primary version.
- endpoint: an optional String, with the host with optional port. Defaults to "cloudkms.googleapis.com".
If the kmsProvider type is "kmip" the master key is required and must contain the following fields:
- keyId: optional String, keyId is the KMIP Unique Identifier to a 96 byte KMIP Secret Data managed object. If keyId is omitted, the driver creates a random 96 byte KMIP Secret Data managed object.
- endpoint: a String, the endpoint as a host with required port. e.g. "example.com:443". If endpoint is not provided, it defaults to the required endpoint from the KMS providers map.
If the kmsProvider type is "local" the masterKey is not applicable.
- Returns:
- the master key document
-