Package com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers

Interface EncryptionMaterialsProvider

All Known Implementing Classes:
AsymmetricStaticProvider, CachingMostRecentProvider, DirectKmsMaterialProvider, KeyStoreMaterialsProvider, SymmetricStaticProvider, WrappedMaterialsProvider
public interface EncryptionMaterialsProvider
Interface for providing encryption materials. Implementations are free to use any strategy for providing encryption materials, such as simply providing static material that doesn't change, or more complicated implementations, such as integrating with existing key management systems.
Author:
Greg Rubin

  • Method Details

    • getDecryptionMaterials

      DecryptionMaterials getDecryptionMaterials(EncryptionContext context)
      Retrieves encryption materials matching the specified description from some source.
      Parameters:
      context - Information to assist in selecting a the proper return value. The implementation is free to determine the minimum necessary for successful processing.
      Returns:
      The encryption materials that match the description, or null if no matching encryption materials found.

    • getEncryptionMaterials

      EncryptionMaterials getEncryptionMaterials(EncryptionContext context)
      Returns EncryptionMaterials which the caller can use for encryption. Each implementation of EncryptionMaterialsProvider can choose its own strategy for loading encryption material. For example, an implementation might load encryption material from an existing key management system, or load new encryption material when keys are rotated.
      Parameters:
      context - Information to assist in selecting a the proper return value. The implementation is free to determine the minimum necessary for successful processing.
      Returns:
      EncryptionMaterials which the caller can use to encrypt or decrypt data.

    • refresh

      void refresh()
      Forces this encryption materials provider to refresh its encryption material. For many implementations of encryption materials provider, this may simply be a no-op, such as any encryption materials provider implementation that vends static/non-changing encryption material. For other implementations that vend different encryption material throughout their lifetime, this method should force the encryption materials provider to refresh its encryption material.