aws_dbesdk_dynamodb.smithygenerated.aws_cryptography_dbencryptionsdk_dynamodb_itemencryptor.config
Functions
|
Converts the provided Dafny shape for this localService's config into the corresponding Smithy-modelled shape. |
|
Converts the provided Smithy-modelled shape for this localService's config into the corresponding Dafny shape. |
Classes
|
Configuration for DynamoDbItemEncryptor. |
|
The configuration for the client-side encryption of DynamoDB items. |
- class aws_dbesdk_dynamodb.smithygenerated.aws_cryptography_dbencryptionsdk_dynamodb_itemencryptor.config.Config(*, interceptors: list[Any] | None = None, retry_strategy: RetryStrategy | None = None, dafnyImplInterface: DafnyImplInterface | None = None)
Bases:
objectConfiguration for DynamoDbItemEncryptor.
Constructor.
- Parameters:
interceptors – The list of interceptors, which are hooks that are called during the execution of a request.
retry_strategy – The retry strategy for issuing retry tokens and computing retry delays.
dafnyImplInterface
- __init__(*, interceptors: list[Any] | None = None, retry_strategy: RetryStrategy | None = None, dafnyImplInterface: DafnyImplInterface | None = None)
Constructor.
- Parameters:
interceptors – The list of interceptors, which are hooks that are called during the execution of a request.
retry_strategy – The retry strategy for issuing retry tokens and computing retry delays.
dafnyImplInterface
- retry_strategy: RetryStrategy
- class aws_dbesdk_dynamodb.smithygenerated.aws_cryptography_dbencryptionsdk_dynamodb_itemencryptor.config.DynamoDbItemEncryptorConfig(*, logical_table_name: str, partition_key_name: str, attribute_actions_on_encrypt: dict[str, str], sort_key_name: str | None = None, allowed_unsigned_attributes: list[str] | None = None, allowed_unsigned_attribute_prefix: str | None = None, algorithm_suite_id: str | None = None, keyring: Keyring | None = None, cmm: CryptographicMaterialsManager | None = None, legacy_override: LegacyOverride | None = None, plaintext_override: str | None = None)
Bases:
ConfigThe configuration for the client-side encryption of DynamoDB items.
- Parameters:
logical_table_name – The logical table name for this table. This is the name that is cryptographically bound with your data. This can be the same as the actual DynamoDB table name. It’s purpose is to be distinct from the DynamoDB table name so that the data may still be authenticated if being read from different (but logically similar) tables, such as a backup table.
partition_key_name – The name of the partition key on the table this item will be written to or was read from.
attribute_actions_on_encrypt – A map that describes what attributes should be encrypted and/or signed on encrypt. This map must contain all attributes that might be encountered during encryption.
sort_key_name – If this table contains a sort key, the name of the sort key on the table this item will be written to or was read from.
allowed_unsigned_attributes – A list of attribute names such that, if encountered during decryption, those attributes are treated as unsigned.
allowed_unsigned_attribute_prefix – A prefix such that, if during decryption any attribute has a name with this prefix, it is treated as unsigned.
algorithm_suite_id – An ID for the algorithm suite to use during encryption and decryption.
keyring – The Keyring that should be used to wrap and unwrap data keys. If specified a Default Cryptographic Materials Manager with this Keyring is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
cmm – The Cryptographic Materials Manager that is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
legacy_override – A configuration that override encryption and/or decryption to instead perform legacy encryption and/or decryption. Used as part of migration from version 2.x to version 3.x.
plaintext_override – A configuration that override encryption and/or decryption to instead passthrough and write and/or read plaintext. Used to update plaintext tables to fully use client-side encryption.
- __init__(*, logical_table_name: str, partition_key_name: str, attribute_actions_on_encrypt: dict[str, str], sort_key_name: str | None = None, allowed_unsigned_attributes: list[str] | None = None, allowed_unsigned_attribute_prefix: str | None = None, algorithm_suite_id: str | None = None, keyring: Keyring | None = None, cmm: CryptographicMaterialsManager | None = None, legacy_override: LegacyOverride | None = None, plaintext_override: str | None = None)
The configuration for the client-side encryption of DynamoDB items.
- Parameters:
logical_table_name – The logical table name for this table. This is the name that is cryptographically bound with your data. This can be the same as the actual DynamoDB table name. It’s purpose is to be distinct from the DynamoDB table name so that the data may still be authenticated if being read from different (but logically similar) tables, such as a backup table.
partition_key_name – The name of the partition key on the table this item will be written to or was read from.
attribute_actions_on_encrypt – A map that describes what attributes should be encrypted and/or signed on encrypt. This map must contain all attributes that might be encountered during encryption.
sort_key_name – If this table contains a sort key, the name of the sort key on the table this item will be written to or was read from.
allowed_unsigned_attributes – A list of attribute names such that, if encountered during decryption, those attributes are treated as unsigned.
allowed_unsigned_attribute_prefix – A prefix such that, if during decryption any attribute has a name with this prefix, it is treated as unsigned.
algorithm_suite_id – An ID for the algorithm suite to use during encryption and decryption.
keyring – The Keyring that should be used to wrap and unwrap data keys. If specified a Default Cryptographic Materials Manager with this Keyring is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
cmm – The Cryptographic Materials Manager that is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
legacy_override – A configuration that override encryption and/or decryption to instead perform legacy encryption and/or decryption. Used as part of migration from version 2.x to version 3.x.
plaintext_override – A configuration that override encryption and/or decryption to instead passthrough and write and/or read plaintext. Used to update plaintext tables to fully use client-side encryption.
- legacy_override: LegacyOverride | None
- static from_dict(d: Dict[str, Any]) DynamoDbItemEncryptorConfig
Creates a DynamoDbItemEncryptorConfig from a dictionary.
- aws_dbesdk_dynamodb.smithygenerated.aws_cryptography_dbencryptionsdk_dynamodb_itemencryptor.config.dafny_config_to_smithy_config(dafny_config) DynamoDbItemEncryptorConfig
Converts the provided Dafny shape for this localService’s config into the corresponding Smithy-modelled shape.
- aws_dbesdk_dynamodb.smithygenerated.aws_cryptography_dbencryptionsdk_dynamodb_itemencryptor.config.smithy_config_to_dafny_config(smithy_config) DynamoDbItemEncryptorConfig_DynamoDbItemEncryptorConfig
Converts the provided Smithy-modelled shape for this localService’s config into the corresponding Dafny shape.