Class MetaStore
java.lang.Object
com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store.ProviderStore
com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store.MetaStore
Provides a simple collection of EncryptionMaterialProviders backed by an encrypted DynamoDB
table. This can be used to build key hierarchies or meta providers.
Currently, this only supports AES-256 in AESWrap mode and HmacSHA256 for the providers persisted in the table.
- Author:
- rubin
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
Provides extra data that should be persisted along with the standard material data. -
Constructor Summary
ConstructorDescriptionMetaStore
(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, DynamoDBEncryptor encryptor) Create a new MetaStore with specified table name.MetaStore
(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, DynamoDBEncryptor encryptor, MetaStore.ExtraDataSupplier extraDataSupplier) Create a new MetaStore with specified table name and extra data supplier. -
Method Summary
Modifier and TypeMethodDescriptionstatic com.amazonaws.services.dynamodbv2.model.CreateTableResult
createTable
(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, com.amazonaws.services.dynamodbv2.model.ProvisionedThroughput provisionedThroughput) Creates a DynamoDB Table with the correct properties to be used with a ProviderStore.long
getMaxVersion
(String materialName) Returns the maximum version number associated withmaterialName
.getOrCreate
(String materialName, long nextId) Returns the provider with the specified name and version and creates it if it doesn't exist.getProvider
(String materialName, long version) Returns the provider with the specified name and version.long
getVersionFromMaterialDescription
(Map<String, String> description) Extracts the material version fromdescription
.void
This API retrieves the intermediate keys from the source region and replicates it in the target region.Methods inherited from class com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store.ProviderStore
getProvider, newProvider
-
Constructor Details
-
MetaStore
public MetaStore(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, DynamoDBEncryptor encryptor) Create a new MetaStore with specified table name.- Parameters:
ddb
- Interface for accessing DynamoDB.tableName
- DynamoDB table name for thisMetaStore
.encryptor
- used to perform crypto operations on the record attributes.
-
MetaStore
public MetaStore(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, DynamoDBEncryptor encryptor, MetaStore.ExtraDataSupplier extraDataSupplier) Create a new MetaStore with specified table name and extra data supplier.- Parameters:
ddb
- Interface for accessing DynamoDB.tableName
- DynamoDB table name for thisMetaStore
.encryptor
- used to perform crypto operations on the record attributesextraDataSupplier
- provides extra data that should be stored along with the material.
-
-
Method Details
-
getProvider
Description copied from class:ProviderStore
Returns the provider with the specified name and version.- Specified by:
getProvider
in classProviderStore
-
getOrCreate
Description copied from class:ProviderStore
Returns the provider with the specified name and version and creates it if it doesn't exist.- Overrides:
getOrCreate
in classProviderStore
-
getMaxVersion
Description copied from class:ProviderStore
Returns the maximum version number associated withmaterialName
. If there are no versions, returns -1.- Specified by:
getMaxVersion
in classProviderStore
-
getVersionFromMaterialDescription
Description copied from class:ProviderStore
Extracts the material version fromdescription
.- Specified by:
getVersionFromMaterialDescription
in classProviderStore
-
replicate
This API retrieves the intermediate keys from the source region and replicates it in the target region.- Parameters:
materialName
- material name of the encryption material.version
- version of the encryption material.targetMetaStore
- target MetaStore where the encryption material to be stored.
-
createTable
public static com.amazonaws.services.dynamodbv2.model.CreateTableResult createTable(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, com.amazonaws.services.dynamodbv2.model.ProvisionedThroughput provisionedThroughput) Creates a DynamoDB Table with the correct properties to be used with a ProviderStore.- Parameters:
ddb
- interface for accessing DynamoDBtableName
- name of table that stores the meta data of the material.provisionedThroughput
- required provisioned throughput of the this table.- Returns:
- result of create table request.
-