Example usage for com.amazonaws.services.kms.model CreateAliasRequest setAliasName

List of usage examples for com.amazonaws.services.kms.model CreateAliasRequest setAliasName

Introduction

This page shows an example usage of com.amazonaws.services.kms.model.CreateAliasRequest.setAliasName.

Prototype


public void setAliasName(String aliasName) 


Document

Specifies the alias name.

Usage

From source file: com.nike.cerberus.service.KmsService.java

License: Apache License

/**
 * Creates a new KMS customer master key (CMK) in the given region for an IAM role, gives the key
 * an alias, and stores a record that links the key to the role.
 *
 * <p>The steps run in this order: the key is created with the policy returned by
 * {@code kmsPolicyService.generateStandardKmsPolicy(iamRoleAccountId, iamRoleName)}, an alias
 * built from {@code KMS_ALIAS_FORMAT} and a freshly supplied id is pointed at the key's ARN, and
 * an {@code AwsIamRoleKmsKeyRecord} is inserted through {@code awsIamRoleDao}.
 *
 * <p>NOTE(review): {@code createKey} and {@code createAlias} are calls to AWS, so a transaction
 * rollback cannot undo them. If the alias call or the insert throws, the CMK (and possibly the
 * alias) would remain in the account with no matching record; confirm that callers or a cleanup
 * job account for this.
 *
 * @param iamRoleId        The IAM role that this CMK will be associated with
 * @param iamRoleAccountId The AWS account ID for the IAM role; passed to the key policy generator
 * @param iamRoleName      The AWS IAM role name for the IAM role; passed to the key policy
 *                         generator
 * @param awsRegion        The region to provision the key in
 * @param user             The user requesting it; stored as creator and last updater
 * @param dateTime         The date of creation; stored as created and last-updated timestamp
 * @return The ARN of the newly created key
 */
@Transactional
public String provisionKmsKey(final String iamRoleId, final String iamRoleAccountId, final String iamRoleName,
        final String awsRegion, final String user, final OffsetDateTime dateTime) {
    final AWSKMSClient kmsClient = kmsClientFactory.getClient(awsRegion);

    // Internal id: becomes the record's primary id and the variable part of the alias name.
    final String recordId = uuidSupplier.get();

    // The key policy decides who may use the new CMK, so the account id and role name that
    // reach this point determine the key's access boundary.
    // NOTE(review): presumably both values are validated by the caller; verify.
    final String keyPolicy = kmsPolicyService.generateStandardKmsPolicy(iamRoleAccountId, iamRoleName);

    final CreateKeyRequest createKeyRequest = new CreateKeyRequest();
    createKeyRequest.setPolicy(keyPolicy);
    createKeyRequest.setDescription("Key used by Cerberus for IAM role authentication.");
    createKeyRequest.setKeyUsage(KeyUsageType.ENCRYPT_DECRYPT);
    final CreateKeyResult createKeyResult = kmsClient.createKey(createKeyRequest);

    // KMS only accepts alias names that start with "alias/"; KMS_ALIAS_FORMAT is defined outside
    // this method and presumably supplies that prefix (verify).
    final String aliasName = String.format(KMS_ALIAS_FORMAT, recordId);
    final String keyArn = createKeyResult.getKeyMetadata().getArn();

    final CreateAliasRequest aliasRequest = new CreateAliasRequest();
    aliasRequest.setAliasName(aliasName);
    aliasRequest.setTargetKeyId(keyArn);
    kmsClient.createAlias(aliasRequest);

    // Persist the role-to-key mapping; the full key ARN is what gets stored and returned.
    final AwsIamRoleKmsKeyRecord keyRecord = new AwsIamRoleKmsKeyRecord();
    keyRecord.setId(recordId);
    keyRecord.setAwsIamRoleId(iamRoleId);
    keyRecord.setAwsKmsKeyId(keyArn);
    keyRecord.setAwsRegion(awsRegion);
    keyRecord.setCreatedBy(user);
    keyRecord.setCreatedTs(dateTime);
    keyRecord.setLastUpdatedBy(user);
    keyRecord.setLastUpdatedTs(dateTime);
    awsIamRoleDao.createIamRoleKmsKey(keyRecord);

    return keyArn;
}