aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models

Classes

AesWrappingAlg()
AlgorithmSuiteIdDBE(value)
AlgorithmSuiteIdESDK(value)
AlgorithmSuiteIdUnknown(tag)	Represents an unknown variant.
AlgorithmSuiteInfo(*, id, binary_id, ...)
CacheTypeDefault(value)	The best choice for most situations.
CacheTypeMultiThreaded(value)	A cache that is safe for use in a multi threaded environment, but no extra functionality.
CacheTypeNo(value)	Nothing should ever be cached.
CacheTypeShared(value)	Shared cache across multiple Hierarchical Keyrings.
CacheTypeSingleThreaded(value)	A cache that is NOT safe for use in a multi threaded environment.
CacheTypeStormTracking(value)	A cache that is safe for use in a multi threaded environment, and tries to prevent redundant or overly parallel backend calls.
CacheTypeUnknown(tag)	Represents an unknown variant.
CommitmentPolicyDBE(value)
CommitmentPolicyESDK(value)
CommitmentPolicyUnknown(tag)	Represents an unknown variant.
CreateAwsKmsDiscoveryKeyringInput(*, kms_client)	Inputs for for creating a AWS KMS Discovery Keyring.
CreateAwsKmsDiscoveryMultiKeyringInput(*, ...)	Inputs for for creating an AWS KMS Discovery Multi-Keyring.
CreateAwsKmsEcdhKeyringInput(*, ...[, ...])	Inputs for creating an AWS KMS ECDH Keyring.
CreateAwsKmsHierarchicalKeyringInput(*, ...)	Inputs for creating a Hierarchical Keyring.
CreateAwsKmsKeyringInput(*, kms_key_id, ...)	Inputs for for creating a AWS KMS Keyring.
CreateAwsKmsMrkDiscoveryKeyringInput(*, ...)	Inputs for for creating a AWS KMS MRK Discovery Keyring.
CreateAwsKmsMrkDiscoveryMultiKeyringInput(*, ...)	Inputs for for creating a AWS KMS MRK Discovery Multi-Keyring.
CreateAwsKmsMrkKeyringInput(*, kms_key_id, ...)	Inputs for for creating an AWS KMS MRK Keyring.
CreateAwsKmsMrkMultiKeyringInput(*[, ...])	Inputs for for creating a AWS KMS MRK Multi-Keyring.
CreateAwsKmsMultiKeyringInput(*[, ...])	Inputs for for creating a AWS KMS Multi-Keyring.
CreateAwsKmsRsaKeyringInput(*, kms_key_id, ...)	Inputs for creating a AWS KMS RSA Keyring.
CreateCryptographicMaterialsCacheInput(*, cache)
CreateDefaultClientSupplierInput()
CreateDefaultCryptographicMaterialsManagerInput(*, ...)	Inputs for creating a Default Cryptographic Materials Manager.
CreateMultiKeyringInput(*, child_keyrings[, ...])	Inputs for creating a Multi-Keyring.
CreateRawAesKeyringInput(*, key_namespace, ...)	Inputs for creating a Raw AES Keyring.
CreateRawEcdhKeyringInput(*, ...)	Inputs for creating a raw ECDH Keyring.
CreateRawRsaKeyringInput(*, key_namespace, ...)	Inputs for creating a Raw RAW Keyring.
CreateRequiredEncryptionContextCMMInput(*, ...)	Inputs for creating an Required Encryption Context Cryptographic Materials Manager.
DBEAlgorithmSuiteId()
DBECommitmentPolicy()
DIRECT_KEY_WRAPPING()
DecryptMaterialsInput(*, algorithm_suite_id, ...)
DecryptMaterialsOutput(*, decryption_materials)
DecryptionMaterials(*, algorithm_suite, ...)
DefaultCache(*[, entry_capacity])	The best choice for most situations.
DeleteCacheEntryInput(*, identifier)
DerivationAlgorithmHKDF(value)
DerivationAlgorithmIDENTITY(value)
DerivationAlgorithmNone(value)
DerivationAlgorithmUnknown(tag)	Represents an unknown variant.
DiscoveryFilter(*, account_ids, partition)	A filter which defines what AWS partition and AWS accounts a KMS Key may be in for a Keyring to be allowed to attempt to decrypt it.
ECDSA(*, curve)
ESDKAlgorithmSuiteId()
ESDKCommitmentPolicy()
EdkWrappingAlgorithmDIRECT_KEY_WRAPPING(value)
EdkWrappingAlgorithmIntermediateKeyWrapping(value)
EdkWrappingAlgorithmUnknown(tag)	Represents an unknown variant.
EncryptAES_GCM(value)
EncryptUnknown(tag)	Represents an unknown variant.
EncryptedDataKey(*, key_provider_id, ...)
EncryptionMaterials(*, algorithm_suite, ...)
EphemeralPrivateKeyToStaticPublicKeyInput(*, ...)	Inputs for creating a EphemeralPrivateKeyToStaticPublicKey Configuration.
GetBranchKeyIdInput(*, encryption_context)	Inputs for determining the Branch Key which should be used to wrap or unwrap the data key for this encryption or decryption.
GetBranchKeyIdOutput(*, branch_key_id)	Outputs for the Branch Key responsible for wrapping or unwrapping the data key in this encryption or decryption.
GetCacheEntryInput(*, identifier[, bytes_used])
GetCacheEntryOutput(*, materials[, ...])
GetClientInput(*, region)	Inputs for getting a AWS KMS Client.
GetEncryptionMaterialsInput(*, ...[, ...])
GetEncryptionMaterialsOutput(*, ...)
HKDF(*, hmac[, salt_length, ...])
IDENTITY()
InitializeDecryptionMaterialsInput(*, ...)
InitializeEncryptionMaterialsInput(*, ...[, ...])
IntermediateKeyWrapping(*, ...)
KeyAgreementSchemeStaticConfiguration(value)	Supported configurations for the StaticConfiguration Key Agreement Scheme.
KeyAgreementSchemeUnknown(tag)	Represents an unknown variant.
KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey(value)	Inputs for creating a KmsPrivateKeyToStaticPublicKey Configuration.
KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery(value)	Inputs for creating a KmsPublicKeyDiscovery Configuration.
KmsEcdhStaticConfigurationsUnknown(tag)	Represents an unknown variant.
KmsPrivateKeyToStaticPublicKeyInput(*, ...)	Inputs for creating a KmsPrivateKeyToStaticPublicKey Configuration.
KmsPublicKeyDiscoveryInput(*, ...)	Inputs for creating a KmsPublicKeyDiscovery Configuration.
MaterialsBeaconKey(value)
MaterialsBranchKey(value)
MaterialsDecryption(value)
MaterialsEncryption(value)
MaterialsUnknown(tag)	Represents an unknown variant.
MultiThreadedCache(*[, entry_capacity, ...])	A cache that is safe for use in a multi threaded environment, but no extra functionality.
NoCache()	Nothing should ever be cached.
None_()
OnDecryptInput(*, materials, encrypted_data_keys)
OnDecryptOutput(*, materials)
OnEncryptInput(*, materials)
OnEncryptOutput(*, materials)
PaddingScheme()
PublicKeyDiscoveryInput(*, ...)	Inputs for creating a PublicKeyDiscovery Configuration.
PutCacheEntryInput(*, identifier, materials)
RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey(value)	Inputs for creating a EphemeralPrivateKeyToStaticPublicKey Configuration.
RawEcdhStaticConfigurationsPublicKeyDiscovery(value)	Inputs for creating a PublicKeyDiscovery Configuration.
RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey(value)	Inputs for creating a RawPrivateKeyToStaticPublicKey Configuration.
RawEcdhStaticConfigurationsUnknown(tag)	Represents an unknown variant.
RawPrivateKeyToStaticPublicKeyInput(*, ...)	Inputs for creating a RawPrivateKeyToStaticPublicKey Configuration.
SignatureAlgorithmECDSA(value)
SignatureAlgorithmNone(value)
SignatureAlgorithmUnknown(tag)	Represents an unknown variant.
SingleThreadedCache(*[, entry_capacity, ...])	A cache that is NOT safe for use in a multi threaded environment.
StaticConfigurationsAWS_KMS_ECDH(value)	Allowed configurations when using KmsEcdhStaticConfigurations.
StaticConfigurationsRAW_ECDH(value)	List of configurations when using RawEcdhStaticConfigurations.
StaticConfigurationsUnknown(tag)	Represents an unknown variant.
StormTrackingCache(*[, entry_capacity, ...])	A cache that is safe for use in a multi threaded environment, and tries to prevent redundant or overly parallel backend calls.
SymmetricSignatureAlgorithmHMAC(value)
SymmetricSignatureAlgorithmNone(value)
SymmetricSignatureAlgorithmUnknown(tag)	Represents an unknown variant.
TimeUnits()
Unit()
UpdateUsageMetadataInput(*, identifier[, ...])
ValidDecryptionMaterialsTransitionInput(*, ...)
ValidEncryptionMaterialsTransitionInput(*, ...)
ValidateCommitmentPolicyOnDecryptInput(*, ...)
ValidateCommitmentPolicyOnEncryptInput(*, ...)

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.AesWrappingAlg

Bases: object

ALG_AES128_GCM_IV12_TAG16 = 'ALG_AES128_GCM_IV12_TAG16'

ALG_AES192_GCM_IV12_TAG16 = 'ALG_AES192_GCM_IV12_TAG16'

ALG_AES256_GCM_IV12_TAG16 = 'ALG_AES256_GCM_IV12_TAG16'

values = frozenset({'ALG_AES128_GCM_IV12_TAG16', 'ALG_AES192_GCM_IV12_TAG16', 'ALG_AES256_GCM_IV12_TAG16'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DBEAlgorithmSuiteId

Bases: object

ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_SYMSIG_HMAC_SHA384 = '0x6700'

ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384_SYMSIG_HMAC_SHA384 = '0x6701'

values = frozenset({'0x6700', '0x6701'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ESDKAlgorithmSuiteId

Bases: object

ALG_AES_128_GCM_IV12_TAG16_NO_KDF = '0x0014'

ALG_AES_192_GCM_IV12_TAG16_NO_KDF = '0x0046'

ALG_AES_256_GCM_IV12_TAG16_NO_KDF = '0x0078'

ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256 = '0x0114'

ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA256 = '0x0146'

ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA256 = '0x0178'

ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256 = '0x0214'

ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384 = '0x0346'

ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384 = '0x0378'

ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY = '0x0478'

ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384 = '0x0578'

values = frozenset({'0x0014', '0x0046', '0x0078', '0x0114', '0x0146', '0x0178', '0x0214', '0x0346', '0x0378', '0x0478', '0x0578'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.AlgorithmSuiteIdESDK(value: str)

Bases: object

__init__(value: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → AlgorithmSuiteIdESDK

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.AlgorithmSuiteIdDBE(value: str)

Bases: object

__init__(value: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → AlgorithmSuiteIdDBE

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.AlgorithmSuiteIdUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → AlgorithmSuiteIdUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.HKDF(*, hmac: str, salt_length: int = 0, input_key_length: int = 0, output_key_length: int = 0)

Bases: object

__init__(*, hmac: str, salt_length: int = 0, input_key_length: int = 0, output_key_length: int = 0)

hmac: str

salt_length: int

input_key_length: int

output_key_length: int

as_dict() → Dict[str, Any]

Converts the HKDF to a dictionary.

static from_dict(d: Dict[str, Any]) → HKDF

Creates a HKDF from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.IDENTITY

Bases: object

as_dict() → Dict[str, Any]

Converts the IDENTITY to a dictionary.

static from_dict(d: Dict[str, Any]) → IDENTITY

Creates a IDENTITY from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.None_

Bases: object

as_dict() → Dict[str, Any]

Converts the None_ to a dictionary.

static from_dict(d: Dict[str, Any]) → None_

Creates a None_ from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DerivationAlgorithmHKDF(value: HKDF)

Bases: object

__init__(value: HKDF)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → DerivationAlgorithmHKDF

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DerivationAlgorithmIDENTITY(value: IDENTITY)

Bases: object

__init__(value: IDENTITY)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → DerivationAlgorithmIDENTITY

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DerivationAlgorithmNone(value: None_)

Bases: object

__init__(value: None_)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → DerivationAlgorithmNone

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DerivationAlgorithmUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → DerivationAlgorithmUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DIRECT_KEY_WRAPPING

Bases: object

as_dict() → Dict[str, Any]

Converts the DIRECT_KEY_WRAPPING to a dictionary.

static from_dict(d: Dict[str, Any]) → DIRECT_KEY_WRAPPING

Creates a DIRECT_KEY_WRAPPING from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EncryptAES_GCM(value: AES_GCM)

Bases: object

__init__(value: AES_GCM)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → EncryptAES_GCM

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EncryptUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → EncryptUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.IntermediateKeyWrapping(*, key_encryption_key_kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, mac_key_kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, pdk_encrypt_algorithm: EncryptAES_GCM | EncryptUnknown)

Bases: object

__init__(*, key_encryption_key_kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, mac_key_kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, pdk_encrypt_algorithm: EncryptAES_GCM | EncryptUnknown)

key_encryption_key_kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown

mac_key_kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown

pdk_encrypt_algorithm: EncryptAES_GCM | EncryptUnknown

as_dict() → Dict[str, Any]

Converts the IntermediateKeyWrapping to a dictionary.

static from_dict(d: Dict[str, Any]) → IntermediateKeyWrapping

Creates a IntermediateKeyWrapping from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EdkWrappingAlgorithmDIRECT_KEY_WRAPPING(value: DIRECT_KEY_WRAPPING)

Bases: object

__init__(value: DIRECT_KEY_WRAPPING)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → EdkWrappingAlgorithmDIRECT_KEY_WRAPPING

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EdkWrappingAlgorithmIntermediateKeyWrapping(value: IntermediateKeyWrapping)

Bases: object

__init__(value: IntermediateKeyWrapping)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → EdkWrappingAlgorithmIntermediateKeyWrapping

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EdkWrappingAlgorithmUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → EdkWrappingAlgorithmUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ECDSA(*, curve: str)

Bases: object

__init__(*, curve: str)

curve: str

as_dict() → Dict[str, Any]

Converts the ECDSA to a dictionary.

static from_dict(d: Dict[str, Any]) → ECDSA

Creates a ECDSA from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SignatureAlgorithmECDSA(value: ECDSA)

Bases: object

__init__(value: ECDSA)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → SignatureAlgorithmECDSA

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SignatureAlgorithmNone(value: None_)

Bases: object

__init__(value: None_)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → SignatureAlgorithmNone

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SignatureAlgorithmUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → SignatureAlgorithmUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SymmetricSignatureAlgorithmHMAC(value: str)

Bases: object

__init__(value: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → SymmetricSignatureAlgorithmHMAC

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SymmetricSignatureAlgorithmNone(value: None_)

Bases: object

__init__(value: None_)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → SymmetricSignatureAlgorithmNone

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SymmetricSignatureAlgorithmUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → SymmetricSignatureAlgorithmUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.AlgorithmSuiteInfo(*, id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, binary_id: bytes | bytearray, message_version: int, encrypt: EncryptAES_GCM | EncryptUnknown, kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, commitment: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, signature: SignatureAlgorithmECDSA | SignatureAlgorithmNone | SignatureAlgorithmUnknown, symmetric_signature: SymmetricSignatureAlgorithmHMAC | SymmetricSignatureAlgorithmNone | SymmetricSignatureAlgorithmUnknown, edk_wrapping: EdkWrappingAlgorithmDIRECT_KEY_WRAPPING | EdkWrappingAlgorithmIntermediateKeyWrapping | EdkWrappingAlgorithmUnknown)

Bases: object

__init__(*, id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, binary_id: bytes | bytearray, message_version: int, encrypt: EncryptAES_GCM | EncryptUnknown, kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, commitment: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown, signature: SignatureAlgorithmECDSA | SignatureAlgorithmNone | SignatureAlgorithmUnknown, symmetric_signature: SymmetricSignatureAlgorithmHMAC | SymmetricSignatureAlgorithmNone | SymmetricSignatureAlgorithmUnknown, edk_wrapping: EdkWrappingAlgorithmDIRECT_KEY_WRAPPING | EdkWrappingAlgorithmIntermediateKeyWrapping | EdkWrappingAlgorithmUnknown)

id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown

binary_id: bytes | bytearray

message_version: int

encrypt: EncryptAES_GCM | EncryptUnknown

kdf: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown

commitment: DerivationAlgorithmHKDF | DerivationAlgorithmIDENTITY | DerivationAlgorithmNone | DerivationAlgorithmUnknown

signature: SignatureAlgorithmECDSA | SignatureAlgorithmNone | SignatureAlgorithmUnknown

symmetric_signature: SymmetricSignatureAlgorithmHMAC | SymmetricSignatureAlgorithmNone | SymmetricSignatureAlgorithmUnknown

edk_wrapping: EdkWrappingAlgorithmDIRECT_KEY_WRAPPING | EdkWrappingAlgorithmIntermediateKeyWrapping | EdkWrappingAlgorithmUnknown

as_dict() → Dict[str, Any]

Converts the AlgorithmSuiteInfo to a dictionary.

static from_dict(d: Dict[str, Any]) → AlgorithmSuiteInfo

Creates a AlgorithmSuiteInfo from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetBranchKeyIdInput(*, encryption_context: dict[str, str])

Bases: object

Inputs for determining the Branch Key which should be used to wrap or unwrap the data key for this encryption or decryption.

Parameters:

encryption_context – The Encryption Context used with this encryption or decryption.

__init__(*, encryption_context: dict[str, str])

Inputs for determining the Branch Key which should be used to wrap or unwrap the data key for this encryption or decryption.

Parameters:

encryption_context – The Encryption Context used with this encryption or decryption.

encryption_context: dict[str, str]

as_dict() → Dict[str, Any]

Converts the GetBranchKeyIdInput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetBranchKeyIdInput

Creates a GetBranchKeyIdInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetBranchKeyIdOutput(*, branch_key_id: str)

Bases: object

Outputs for the Branch Key responsible for wrapping or unwrapping the data key in this encryption or decryption.

Parameters:

branch_key_id – The identifier of the Branch Key that should be responsible for wrapping or unwrapping the data key in this encryption or decryption.

__init__(*, branch_key_id: str)

Outputs for the Branch Key responsible for wrapping or unwrapping the data key in this encryption or decryption.

Parameters:

branch_key_id – The identifier of the Branch Key that should be responsible for wrapping or unwrapping the data key in this encryption or decryption.

branch_key_id: str

as_dict() → Dict[str, Any]

Converts the GetBranchKeyIdOutput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetBranchKeyIdOutput

Creates a GetBranchKeyIdOutput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetClientInput(*, region: str)

Bases: object

Inputs for getting a AWS KMS Client.

Parameters:

region – The region the client should be created in.

__init__(*, region: str)

Inputs for getting a AWS KMS Client.

Parameters:

region – The region the client should be created in.

region: str

as_dict() → Dict[str, Any]

Converts the GetClientInput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetClientInput

Creates a GetClientInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DiscoveryFilter(*, account_ids: list[str], partition: str)

Bases: object

A filter which defines what AWS partition and AWS accounts a KMS Key may be in for a Keyring to be allowed to attempt to decrypt it.

Parameters:

• account_ids – A list of allowed AWS account IDs.

• partition – The AWS partition which is allowed.

__init__(*, account_ids: list[str], partition: str)

A filter which defines what AWS partition and AWS accounts a KMS Key may be in for a Keyring to be allowed to attempt to decrypt it.

Parameters:

• account_ids – A list of allowed AWS account IDs.

• partition – The AWS partition which is allowed.

account_ids: list[str]

partition: str

as_dict() → Dict[str, Any]

Converts the DiscoveryFilter to a dictionary.

static from_dict(d: Dict[str, Any]) → DiscoveryFilter

Creates a DiscoveryFilter from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsDiscoveryKeyringInput(*, kms_client: BaseClient, discovery_filter: DiscoveryFilter | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating a AWS KMS Discovery Keyring.

Parameters:

• kms_client – The KMS Client this Keyring will use to call KMS.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, kms_client: BaseClient, discovery_filter: DiscoveryFilter | None = None, grant_tokens: list[str] | None = None)

Inputs for for creating a AWS KMS Discovery Keyring.

Parameters:

• kms_client – The KMS Client this Keyring will use to call KMS.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• grant_tokens – A list of grant tokens to be used when calling KMS.

kms_client: BaseClient

discovery_filter: DiscoveryFilter | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsDiscoveryKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsDiscoveryKeyringInput

Creates a CreateAwsKmsDiscoveryKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsDiscoveryMultiKeyringInput(*, regions: list[str], discovery_filter: DiscoveryFilter | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating an AWS KMS Discovery Multi-Keyring.

Parameters:

• regions – The list of regions this Keyring will creates KMS clients for.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. If not specified on input, a Default Client Supplier is created which creates a KMS Client for each region in the ‘regions’ input.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, regions: list[str], discovery_filter: DiscoveryFilter | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Inputs for for creating an AWS KMS Discovery Multi-Keyring.

Parameters:

• regions – The list of regions this Keyring will creates KMS clients for.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. If not specified on input, a Default Client Supplier is created which creates a KMS Client for each region in the ‘regions’ input.

• grant_tokens – A list of grant tokens to be used when calling KMS.

regions: list[str]

discovery_filter: DiscoveryFilter | None

client_supplier: ClientSupplier | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsDiscoveryMultiKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsDiscoveryMultiKeyringInput

Creates a CreateAwsKmsDiscoveryMultiKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KmsPrivateKeyToStaticPublicKeyInput(*, sender_kms_identifier: str, recipient_public_key: bytes | bytearray, sender_public_key: bytes | bytearray | None = None)

Bases: object

Inputs for creating a KmsPrivateKeyToStaticPublicKey Configuration.

Parameters:

• sender_kms_identifier – AWS KMS Key Identifier belonging to the sender.

• recipient_public_key – Recipient Public Key. This MUST be a raw public ECC key in DER format.

• sender_public_key – Sender Public Key. This is the raw public ECC key in DER format that belongs to the senderKmsIdentifier.

__init__(*, sender_kms_identifier: str, recipient_public_key: bytes | bytearray, sender_public_key: bytes | bytearray | None = None)

Inputs for creating a KmsPrivateKeyToStaticPublicKey Configuration.

Parameters:

• sender_kms_identifier – AWS KMS Key Identifier belonging to the sender.

• recipient_public_key – Recipient Public Key. This MUST be a raw public ECC key in DER format.

• sender_public_key – Sender Public Key. This is the raw public ECC key in DER format that belongs to the senderKmsIdentifier.

sender_kms_identifier: str

recipient_public_key: bytes | bytearray

sender_public_key: bytes | bytearray | None

as_dict() → Dict[str, Any]

Converts the KmsPrivateKeyToStaticPublicKeyInput to a dictionary.

static from_dict(d: Dict[str, Any]) → KmsPrivateKeyToStaticPublicKeyInput

Creates a KmsPrivateKeyToStaticPublicKeyInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KmsPublicKeyDiscoveryInput(*, recipient_kms_identifier: str)

Bases: object

Inputs for creating a KmsPublicKeyDiscovery Configuration. This is a DECRYPT ONLY configuration.

Parameters:

recipient_kms_identifier – AWS KMS key identifier belonging to the recipient.

__init__(*, recipient_kms_identifier: str)

Inputs for creating a KmsPublicKeyDiscovery Configuration. This is a DECRYPT ONLY configuration.

Parameters:

recipient_kms_identifier – AWS KMS key identifier belonging to the recipient.

recipient_kms_identifier: str

as_dict() → Dict[str, Any]

Converts the KmsPublicKeyDiscoveryInput to a dictionary.

static from_dict(d: Dict[str, Any]) → KmsPublicKeyDiscoveryInput

Creates a KmsPublicKeyDiscoveryInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery(value: KmsPublicKeyDiscoveryInput)

Bases: object

Inputs for creating a KmsPublicKeyDiscovery Configuration.

This is a DECRYPT ONLY configuration.

__init__(value: KmsPublicKeyDiscoveryInput)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey(value: KmsPrivateKeyToStaticPublicKeyInput)

Bases: object

Inputs for creating a KmsPrivateKeyToStaticPublicKey Configuration.

__init__(value: KmsPrivateKeyToStaticPublicKeyInput)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KmsEcdhStaticConfigurationsUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → KmsEcdhStaticConfigurationsUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsEcdhKeyringInput(*, key_agreement_scheme: KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery | KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey | KmsEcdhStaticConfigurationsUnknown, curve_spec: str, kms_client: BaseClient, grant_tokens: list[str] | None = None)

Bases: object

Inputs for creating an AWS KMS ECDH Keyring.

Parameters:

• key_agreement_scheme – The Key Agreement Scheme configuration that is responsible for how the shared secret is calculated.

• curve_spec – The named curve that corresponds to the curve on which the sender’s private and recipient’s public key lie.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, key_agreement_scheme: KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery | KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey | KmsEcdhStaticConfigurationsUnknown, curve_spec: str, kms_client: BaseClient, grant_tokens: list[str] | None = None)

Inputs for creating an AWS KMS ECDH Keyring.

Parameters:

• key_agreement_scheme – The Key Agreement Scheme configuration that is responsible for how the shared secret is calculated.

• curve_spec – The named curve that corresponds to the curve on which the sender’s private and recipient’s public key lie.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

key_agreement_scheme: KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery | KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey | KmsEcdhStaticConfigurationsUnknown

curve_spec: str

kms_client: BaseClient

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsEcdhKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsEcdhKeyringInput

Creates a CreateAwsKmsEcdhKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DefaultCache(*, entry_capacity: int = 0)

Bases: object

The best choice for most situations. Probably a StormTrackingCache.

Parameters:

entry_capacity – Maximum number of entries cached.

__init__(*, entry_capacity: int = 0)

The best choice for most situations. Probably a StormTrackingCache.

Parameters:

entry_capacity – Maximum number of entries cached.

entry_capacity: int

as_dict() → Dict[str, Any]

Converts the DefaultCache to a dictionary.

static from_dict(d: Dict[str, Any]) → DefaultCache

Creates a DefaultCache from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.MultiThreadedCache(*, entry_capacity: int = 0, entry_pruning_tail_size: int = 0)

Bases: object

A cache that is safe for use in a multi threaded environment, but no extra functionality.

Parameters:

• entry_capacity – Maximum number of entries cached.

• entry_pruning_tail_size – Number of entries to prune at a time.

__init__(*, entry_capacity: int = 0, entry_pruning_tail_size: int = 0)

A cache that is safe for use in a multi threaded environment, but no extra functionality.

Parameters:

• entry_capacity – Maximum number of entries cached.

• entry_pruning_tail_size – Number of entries to prune at a time.

entry_capacity: int

entry_pruning_tail_size: int

as_dict() → Dict[str, Any]

Converts the MultiThreadedCache to a dictionary.

static from_dict(d: Dict[str, Any]) → MultiThreadedCache

Creates a MultiThreadedCache from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.NoCache

Bases: object

Nothing should ever be cached.

as_dict() → Dict[str, Any]

Converts the NoCache to a dictionary.

static from_dict(d: Dict[str, Any]) → NoCache

Creates a NoCache from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.SingleThreadedCache(*, entry_capacity: int = 0, entry_pruning_tail_size: int = 0)

Bases: object

A cache that is NOT safe for use in a multi threaded environment.

Parameters:

• entry_capacity – Maximum number of entries cached.

• entry_pruning_tail_size – Number of entries to prune at a time.

__init__(*, entry_capacity: int = 0, entry_pruning_tail_size: int = 0)

A cache that is NOT safe for use in a multi threaded environment.

Parameters:

• entry_capacity – Maximum number of entries cached.

• entry_pruning_tail_size – Number of entries to prune at a time.

entry_capacity: int

entry_pruning_tail_size: int

as_dict() → Dict[str, Any]

Converts the SingleThreadedCache to a dictionary.

static from_dict(d: Dict[str, Any]) → SingleThreadedCache

Creates a SingleThreadedCache from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.TimeUnits

Bases: object

SECONDS = 'Seconds'

MILLISECONDS = 'Milliseconds'

values = frozenset({'Milliseconds', 'Seconds'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.StormTrackingCache(*, entry_capacity: int = 0, entry_pruning_tail_size: int = 0, grace_period: int = 0, grace_interval: int = 0, fan_out: int = 0, in_flight_ttl: int = 0, sleep_milli: int = 0, time_units: str | None = None)

Bases: object

A cache that is safe for use in a multi threaded environment, and tries to prevent redundant or overly parallel backend calls.

Parameters:

• entry_capacity – Maximum number of entries cached.

• entry_pruning_tail_size – Number of entries to prune at a time.

• grace_period – How much time before expiration should an attempt be made to refresh the materials. If zero, use a simple cache with no storm tracking.

• grace_interval – How much time between attempts to refresh the materials.

• fan_out – How many simultaneous attempts to refresh the materials.

• in_flight_ttl – How much time until an attempt to refresh the materials should be forgotten.

• sleep_milli – How many milliseconds should a thread sleep if fanOut is exceeded.

• time_units – The time unit for gracePeriod, graceInterval, and inFlightTTL. The default is seconds. If this is set to milliseconds, then these values will be treated as milliseconds.

__init__(*, entry_capacity: int = 0, entry_pruning_tail_size: int = 0, grace_period: int = 0, grace_interval: int = 0, fan_out: int = 0, in_flight_ttl: int = 0, sleep_milli: int = 0, time_units: str | None = None)

A cache that is safe for use in a multi threaded environment, and tries to prevent redundant or overly parallel backend calls.

Parameters:

• entry_capacity – Maximum number of entries cached.

• entry_pruning_tail_size – Number of entries to prune at a time.

• grace_period – How much time before expiration should an attempt be made to refresh the materials. If zero, use a simple cache with no storm tracking.

• grace_interval – How much time between attempts to refresh the materials.

• fan_out – How many simultaneous attempts to refresh the materials.

• in_flight_ttl – How much time until an attempt to refresh the materials should be forgotten.

• sleep_milli – How many milliseconds should a thread sleep if fanOut is exceeded.

• time_units – The time unit for gracePeriod, graceInterval, and inFlightTTL. The default is seconds. If this is set to milliseconds, then these values will be treated as milliseconds.

entry_capacity: int

entry_pruning_tail_size: int

grace_period: int

grace_interval: int

fan_out: int

in_flight_ttl: int

sleep_milli: int

time_units: str | None

as_dict() → Dict[str, Any]

Converts the StormTrackingCache to a dictionary.

static from_dict(d: Dict[str, Any]) → StormTrackingCache

Creates a StormTrackingCache from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeDefault(value: DefaultCache)

Bases: object

The best choice for most situations.

Probably a StormTrackingCache.

__init__(value: DefaultCache)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeDefault

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeNo(value: NoCache)

Bases: object

Nothing should ever be cached.

__init__(value: NoCache)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeNo

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeSingleThreaded(value: SingleThreadedCache)

Bases: object

A cache that is NOT safe for use in a multi threaded environment.

__init__(value: SingleThreadedCache)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeSingleThreaded

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeMultiThreaded(value: MultiThreadedCache)

Bases: object

A cache that is safe for use in a multi threaded environment, but no extra functionality.

__init__(value: MultiThreadedCache)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeMultiThreaded

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeStormTracking(value: StormTrackingCache)

Bases: object

A cache that is safe for use in a multi threaded environment, and tries to prevent redundant or overly parallel backend calls.

__init__(value: StormTrackingCache)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeStormTracking

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeShared(value: CryptographicMaterialsCache)

Bases: object

Shared cache across multiple Hierarchical Keyrings.

For this cache type, the user should provide an already constructed CryptographicMaterialsCache to the Hierarchical Keyring at initialization.

__init__(value: CryptographicMaterialsCache)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeShared

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CacheTypeUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CacheTypeUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsHierarchicalKeyringInput(*, key_store: KeyStore, branch_key_id: str | None = None, branch_key_id_supplier: BranchKeyIdSupplier | None = None, ttl_seconds: int = 0, cache: CacheTypeDefault | CacheTypeNo | CacheTypeSingleThreaded | CacheTypeMultiThreaded | CacheTypeStormTracking | CacheTypeShared | CacheTypeUnknown | None = None, partition_id: str | None = None)

Bases: object

Inputs for creating a Hierarchical Keyring.

Parameters:

• key_store – The Key Store which contains the Branch Key(s) responsible for wrapping and unwrapping data keys.

• branch_key_id – The identifier for the single Branch Key responsible for wrapping and unwrapping the data key. Either a Branch Key ID or Branch Key Supplier must be specified.

• branch_key_id_supplier – A Branch Key Supplier which determines what Branch Key to use to wrap and unwrap the data key. Either a Branch Key ID or Branch Key Supplier must be specified.

• ttl_seconds – How many seconds the Branch Key material is allowed to be reused within the local cache before it is re- retrieved from Amazon DynamoDB and re-authenticated with AWS KMS.

• cache – Sets the type of cache for this Hierarchical Keyring. By providing an already initialized ‘Shared’ cache, users can determine the scope of the cache. That is, if the cache is shared across other Cryptographic Material Providers, for instance other Hierarchical Keyrings or Caching Cryptographic Materials Managers (Caching CMMs). If any other type of cache in the CacheType union is provided, the Hierarchical Keyring will initialize a cache of that type, to be used with only this Hierarchical Keyring. If not set, a DefaultCache is initialized to be used with only this Hierarchical Keyring with entryCapacity = 1000.

• partition_id – Partition ID to distinguish Cryptographic Material Providers (i.e: Keyrings) writing to a cache. If the Partition ID is the same for two Hierarchical Keyrings (or another Material Provider), they can share the same cache entries in the cache.

__init__(*, key_store: KeyStore, branch_key_id: str | None = None, branch_key_id_supplier: BranchKeyIdSupplier | None = None, ttl_seconds: int = 0, cache: CacheTypeDefault | CacheTypeNo | CacheTypeSingleThreaded | CacheTypeMultiThreaded | CacheTypeStormTracking | CacheTypeShared | CacheTypeUnknown | None = None, partition_id: str | None = None)

Inputs for creating a Hierarchical Keyring.

Parameters:

• key_store – The Key Store which contains the Branch Key(s) responsible for wrapping and unwrapping data keys.

• branch_key_id – The identifier for the single Branch Key responsible for wrapping and unwrapping the data key. Either a Branch Key ID or Branch Key Supplier must be specified.

• branch_key_id_supplier – A Branch Key Supplier which determines what Branch Key to use to wrap and unwrap the data key. Either a Branch Key ID or Branch Key Supplier must be specified.

• ttl_seconds – How many seconds the Branch Key material is allowed to be reused within the local cache before it is re- retrieved from Amazon DynamoDB and re-authenticated with AWS KMS.

• cache – Sets the type of cache for this Hierarchical Keyring. By providing an already initialized ‘Shared’ cache, users can determine the scope of the cache. That is, if the cache is shared across other Cryptographic Material Providers, for instance other Hierarchical Keyrings or Caching Cryptographic Materials Managers (Caching CMMs). If any other type of cache in the CacheType union is provided, the Hierarchical Keyring will initialize a cache of that type, to be used with only this Hierarchical Keyring. If not set, a DefaultCache is initialized to be used with only this Hierarchical Keyring with entryCapacity = 1000.

• partition_id – Partition ID to distinguish Cryptographic Material Providers (i.e: Keyrings) writing to a cache. If the Partition ID is the same for two Hierarchical Keyrings (or another Material Provider), they can share the same cache entries in the cache.

key_store: KeyStore

branch_key_id: str | None

branch_key_id_supplier: BranchKeyIdSupplier | None

ttl_seconds: int

cache: CacheTypeDefault | CacheTypeNo | CacheTypeSingleThreaded | CacheTypeMultiThreaded | CacheTypeStormTracking | CacheTypeShared | CacheTypeUnknown | None

partition_id: str | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsHierarchicalKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsHierarchicalKeyringInput

Creates a CreateAwsKmsHierarchicalKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsKeyringInput(*, kms_key_id: str, kms_client: BaseClient, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating a AWS KMS Keyring.

Parameters:

• kms_key_id – The identifier for the symmetric AWS KMS Key responsible for wrapping and unwrapping data keys. This should not be a AWS KMS Multi-Region Key.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, kms_key_id: str, kms_client: BaseClient, grant_tokens: list[str] | None = None)

Inputs for for creating a AWS KMS Keyring.

Parameters:

• kms_key_id – The identifier for the symmetric AWS KMS Key responsible for wrapping and unwrapping data keys. This should not be a AWS KMS Multi-Region Key.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

kms_key_id: str

kms_client: BaseClient

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsKeyringInput

Creates a CreateAwsKmsKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsMrkDiscoveryKeyringInput(*, kms_client: BaseClient, region: str, discovery_filter: DiscoveryFilter | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating a AWS KMS MRK Discovery Keyring.

Parameters:

• kms_client – The KMS Client this Keyring will use to call KMS.

• region – The region the input ‘kmsClient’ is in.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, kms_client: BaseClient, region: str, discovery_filter: DiscoveryFilter | None = None, grant_tokens: list[str] | None = None)

Inputs for for creating a AWS KMS MRK Discovery Keyring.

Parameters:

• kms_client – The KMS Client this Keyring will use to call KMS.

• region – The region the input ‘kmsClient’ is in.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• grant_tokens – A list of grant tokens to be used when calling KMS.

kms_client: BaseClient

region: str

discovery_filter: DiscoveryFilter | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsMrkDiscoveryKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsMrkDiscoveryKeyringInput

Creates a CreateAwsKmsMrkDiscoveryKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsMrkDiscoveryMultiKeyringInput(*, regions: list[str], discovery_filter: DiscoveryFilter | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating a AWS KMS MRK Discovery Multi-Keyring.

Parameters:

• regions – The list of regions this Keyring will creates KMS clients for.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. If not specified on input, a Default Client Supplier is created which creates a KMS Client for each region in the ‘regions’ input.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, regions: list[str], discovery_filter: DiscoveryFilter | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Inputs for for creating a AWS KMS MRK Discovery Multi-Keyring.

Parameters:

• regions – The list of regions this Keyring will creates KMS clients for.

• discovery_filter – A filter which restricts which KMS Keys this Keyring may attempt to decrypt with by AWS partition and account.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. If not specified on input, a Default Client Supplier is created which creates a KMS Client for each region in the ‘regions’ input.

• grant_tokens – A list of grant tokens to be used when calling KMS.

regions: list[str]

discovery_filter: DiscoveryFilter | None

client_supplier: ClientSupplier | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsMrkDiscoveryMultiKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsMrkDiscoveryMultiKeyringInput

Creates a CreateAwsKmsMrkDiscoveryMultiKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsMrkKeyringInput(*, kms_key_id: str, kms_client: BaseClient, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating an AWS KMS MRK Keyring.

Parameters:

• kms_key_id – The identifier for the symmetric AWS KMS Key or AWS KMS Multi-Region Key responsible for wrapping and unwrapping data keys.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, kms_key_id: str, kms_client: BaseClient, grant_tokens: list[str] | None = None)

Inputs for for creating an AWS KMS MRK Keyring.

Parameters:

• kms_key_id – The identifier for the symmetric AWS KMS Key or AWS KMS Multi-Region Key responsible for wrapping and unwrapping data keys.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

kms_key_id: str

kms_client: BaseClient

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsMrkKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsMrkKeyringInput

Creates a CreateAwsKmsMrkKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsMrkMultiKeyringInput(*, generator: str | None = None, kms_key_ids: list[str] | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating a AWS KMS MRK Multi-Keyring.

Parameters:

• generator – A symmetric AWS KMS Key or AWS KMS Multi- Region Key responsible for wrapping and unwrapping data keys. KMS.GenerateDataKey may be called with this key if the data key has not already been generated by another Keyring.

• kms_key_ids – A list of identifiers for the symmetric AWS KMS Keys and/or AWS KMS Multi-Region Keys (other than the generator) responsible for wrapping and unwrapping data keys.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. The Client Supplier will create a client for each region specified in the generator and kmsKeyIds ARNs. If not specified on input, the Default Client Supplier is used.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, generator: str | None = None, kms_key_ids: list[str] | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Inputs for for creating a AWS KMS MRK Multi-Keyring.

Parameters:

• generator – A symmetric AWS KMS Key or AWS KMS Multi- Region Key responsible for wrapping and unwrapping data keys. KMS.GenerateDataKey may be called with this key if the data key has not already been generated by another Keyring.

• kms_key_ids – A list of identifiers for the symmetric AWS KMS Keys and/or AWS KMS Multi-Region Keys (other than the generator) responsible for wrapping and unwrapping data keys.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. The Client Supplier will create a client for each region specified in the generator and kmsKeyIds ARNs. If not specified on input, the Default Client Supplier is used.

• grant_tokens – A list of grant tokens to be used when calling KMS.

generator: str | None

kms_key_ids: list[str] | None

client_supplier: ClientSupplier | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsMrkMultiKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsMrkMultiKeyringInput

Creates a CreateAwsKmsMrkMultiKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsMultiKeyringInput(*, generator: str | None = None, kms_key_ids: list[str] | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for for creating a AWS KMS Multi-Keyring.

Parameters:

• generator – A identifier for a symmetric AWS KMS Key responsible for wrapping and unwrapping data keys. KMS.GenerateDataKey may be called with this key if the data key has not already been generated by another Keyring. This should not be a AWS KMS Multi-Region Key.

• kms_key_ids – A list of identifiers for the symmetric AWS KMS Keys (other than the generator) responsible for wrapping and unwrapping data keys. This list should not contain AWS KMS Multi-Region Keys.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. The Client Supplier will create a client for each region specified in the generator and kmsKeyIds ARNs. If not specified on input, the Default Client Supplier is used.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, generator: str | None = None, kms_key_ids: list[str] | None = None, client_supplier: ClientSupplier | None = None, grant_tokens: list[str] | None = None)

Inputs for for creating a AWS KMS Multi-Keyring.

Parameters:

• generator – A identifier for a symmetric AWS KMS Key responsible for wrapping and unwrapping data keys. KMS.GenerateDataKey may be called with this key if the data key has not already been generated by another Keyring. This should not be a AWS KMS Multi-Region Key.

• kms_key_ids – A list of identifiers for the symmetric AWS KMS Keys (other than the generator) responsible for wrapping and unwrapping data keys. This list should not contain AWS KMS Multi-Region Keys.

• client_supplier – The Client Supplier which will be used to get KMS Clients for use with this Keyring. The Client Supplier will create a client for each region specified in the generator and kmsKeyIds ARNs. If not specified on input, the Default Client Supplier is used.

• grant_tokens – A list of grant tokens to be used when calling KMS.

generator: str | None

kms_key_ids: list[str] | None

client_supplier: ClientSupplier | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsMultiKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsMultiKeyringInput

Creates a CreateAwsKmsMultiKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateAwsKmsRsaKeyringInput(*, kms_key_id: str, encryption_algorithm: str, public_key: bytes | bytearray | None = None, kms_client: BaseClient | None = None, grant_tokens: list[str] | None = None)

Bases: object

Inputs for creating a AWS KMS RSA Keyring.

Parameters:

• kms_key_id – The ARN for the asymmetric AWS KMS Key for RSA responsible for wrapping and unwrapping data keys.

• encryption_algorithm – The RSA algorithm used to wrap and unwrap data keys.

• public_key – The public RSA Key responsible for wrapping data keys, as a UTF8 encoded, PEM encoded X.509 SubjectPublicKeyInfo structure. This should be the public key as exported from KMS. If not specified, this Keyring cannot be used on encrypt.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

__init__(*, kms_key_id: str, encryption_algorithm: str, public_key: bytes | bytearray | None = None, kms_client: BaseClient | None = None, grant_tokens: list[str] | None = None)

Inputs for creating a AWS KMS RSA Keyring.

Parameters:

• kms_key_id – The ARN for the asymmetric AWS KMS Key for RSA responsible for wrapping and unwrapping data keys.

• encryption_algorithm – The RSA algorithm used to wrap and unwrap data keys.

• public_key – The public RSA Key responsible for wrapping data keys, as a UTF8 encoded, PEM encoded X.509 SubjectPublicKeyInfo structure. This should be the public key as exported from KMS. If not specified, this Keyring cannot be used on encrypt.

• kms_client – The KMS Client this Keyring will use to call KMS.

• grant_tokens – A list of grant tokens to be used when calling KMS.

kms_key_id: str

encryption_algorithm: str

public_key: bytes | bytearray | None

kms_client: BaseClient | None

grant_tokens: list[str] | None

as_dict() → Dict[str, Any]

Converts the CreateAwsKmsRsaKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateAwsKmsRsaKeyringInput

Creates a CreateAwsKmsRsaKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateCryptographicMaterialsCacheInput(*, cache: CacheTypeDefault | CacheTypeNo | CacheTypeSingleThreaded | CacheTypeMultiThreaded | CacheTypeStormTracking | CacheTypeShared | CacheTypeUnknown)

Bases: object

Parameters:

cache – Which type of local cache to use.

__init__(*, cache: CacheTypeDefault | CacheTypeNo | CacheTypeSingleThreaded | CacheTypeMultiThreaded | CacheTypeStormTracking | CacheTypeShared | CacheTypeUnknown)

Parameters:

cache – Which type of local cache to use.

cache: CacheTypeDefault | CacheTypeNo | CacheTypeSingleThreaded | CacheTypeMultiThreaded | CacheTypeStormTracking | CacheTypeShared | CacheTypeUnknown

as_dict() → Dict[str, Any]

Converts the CreateCryptographicMaterialsCacheInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateCryptographicMaterialsCacheInput

Creates a CreateCryptographicMaterialsCacheInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateDefaultClientSupplierInput

Bases: object

as_dict() → Dict[str, Any]

Converts the CreateDefaultClientSupplierInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateDefaultClientSupplierInput

Creates a CreateDefaultClientSupplierInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateDefaultCryptographicMaterialsManagerInput(*, keyring: Keyring)

Bases: object

Inputs for creating a Default Cryptographic Materials Manager.

Parameters:

keyring – The Keyring that the created Default Cryptographic Materials Manager will use to wrap data keys.

__init__(*, keyring: Keyring)

Inputs for creating a Default Cryptographic Materials Manager.

Parameters:

keyring – The Keyring that the created Default Cryptographic Materials Manager will use to wrap data keys.

keyring: Keyring

as_dict() → Dict[str, Any]

Converts the CreateDefaultCryptographicMaterialsManagerInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateDefaultCryptographicMaterialsManagerInput

Creates a CreateDefaultCryptographicMaterialsManagerInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateMultiKeyringInput(*, child_keyrings: list[Keyring], generator: Keyring | None = None)

Bases: object

Inputs for creating a Multi-Keyring.

Parameters:

• child_keyrings – A list of keyrings (other than the generator) responsible for wrapping and unwrapping the data key.

• generator – A keyring responsible for wrapping and unwrapping the data key. This is the first keyring that will be used to wrap the data key, and may be responsible for additionally generating the data key.

__init__(*, child_keyrings: list[Keyring], generator: Keyring | None = None)

Inputs for creating a Multi-Keyring.

Parameters:

• child_keyrings – A list of keyrings (other than the generator) responsible for wrapping and unwrapping the data key.

• generator – A keyring responsible for wrapping and unwrapping the data key. This is the first keyring that will be used to wrap the data key, and may be responsible for additionally generating the data key.

child_keyrings: list[Keyring]

generator: Keyring | None

as_dict() → Dict[str, Any]

Converts the CreateMultiKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateMultiKeyringInput

Creates a CreateMultiKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateRawAesKeyringInput(*, key_namespace: str, key_name: str, wrapping_key: bytes | bytearray, wrapping_alg: str)

Bases: object

Inputs for creating a Raw AES Keyring.

Parameters:

• key_namespace – A namespace associated with this wrapping key.

• key_name – A name associated with this wrapping key.

• wrapping_key – The AES key used with AES_GCM encryption and decryption.

• wrapping_alg – The AES_GCM algorithm this Keyring uses to wrap and unwrap data keys.

__init__(*, key_namespace: str, key_name: str, wrapping_key: bytes | bytearray, wrapping_alg: str)

Inputs for creating a Raw AES Keyring.

Parameters:

• key_namespace – A namespace associated with this wrapping key.

• key_name – A name associated with this wrapping key.

• wrapping_key – The AES key used with AES_GCM encryption and decryption.

• wrapping_alg – The AES_GCM algorithm this Keyring uses to wrap and unwrap data keys.

key_namespace: str

key_name: str

wrapping_key: bytes | bytearray

wrapping_alg: str

as_dict() → Dict[str, Any]

Converts the CreateRawAesKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateRawAesKeyringInput

Creates a CreateRawAesKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EphemeralPrivateKeyToStaticPublicKeyInput(*, recipient_public_key: bytes | bytearray)

Bases: object

Inputs for creating a EphemeralPrivateKeyToStaticPublicKey Configuration.

Parameters:

recipient_public_key – The recipient’s public key. MUST be DER encoded.

__init__(*, recipient_public_key: bytes | bytearray)

Inputs for creating a EphemeralPrivateKeyToStaticPublicKey Configuration.

Parameters:

recipient_public_key – The recipient’s public key. MUST be DER encoded.

recipient_public_key: bytes | bytearray

as_dict() → Dict[str, Any]

Converts the EphemeralPrivateKeyToStaticPublicKeyInput to a dictionary.

static from_dict(d: Dict[str, Any]) → EphemeralPrivateKeyToStaticPublicKeyInput

Creates a EphemeralPrivateKeyToStaticPublicKeyInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.PublicKeyDiscoveryInput(*, recipient_static_private_key: bytes | bytearray)

Bases: object

Inputs for creating a PublicKeyDiscovery Configuration.

Parameters:

recipient_static_private_key – The sender’s private key. MUST be PEM encoded.

__init__(*, recipient_static_private_key: bytes | bytearray)

Inputs for creating a PublicKeyDiscovery Configuration.

Parameters:

recipient_static_private_key – The sender’s private key. MUST be PEM encoded.

recipient_static_private_key: bytes | bytearray

as_dict() → Dict[str, Any]

Converts the PublicKeyDiscoveryInput to a dictionary.

static from_dict(d: Dict[str, Any]) → PublicKeyDiscoveryInput

Creates a PublicKeyDiscoveryInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.RawPrivateKeyToStaticPublicKeyInput(*, sender_static_private_key: bytes | bytearray, recipient_public_key: bytes | bytearray)

Bases: object

Inputs for creating a RawPrivateKeyToStaticPublicKey Configuration.

Parameters:

• sender_static_private_key – The sender’s private key. MUST be PEM encoded.

• recipient_public_key – The recipient’s public key. MUST be DER encoded.

__init__(*, sender_static_private_key: bytes | bytearray, recipient_public_key: bytes | bytearray)

Inputs for creating a RawPrivateKeyToStaticPublicKey Configuration.

Parameters:

• sender_static_private_key – The sender’s private key. MUST be PEM encoded.

• recipient_public_key – The recipient’s public key. MUST be DER encoded.

sender_static_private_key: bytes | bytearray

recipient_public_key: bytes | bytearray

as_dict() → Dict[str, Any]

Converts the RawPrivateKeyToStaticPublicKeyInput to a dictionary.

static from_dict(d: Dict[str, Any]) → RawPrivateKeyToStaticPublicKeyInput

Creates a RawPrivateKeyToStaticPublicKeyInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.RawEcdhStaticConfigurationsPublicKeyDiscovery(value: PublicKeyDiscoveryInput)

Bases: object

Inputs for creating a PublicKeyDiscovery Configuration.

__init__(value: PublicKeyDiscoveryInput)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → RawEcdhStaticConfigurationsPublicKeyDiscovery

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey(value: RawPrivateKeyToStaticPublicKeyInput)

Bases: object

Inputs for creating a RawPrivateKeyToStaticPublicKey Configuration.

__init__(value: RawPrivateKeyToStaticPublicKeyInput)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey(value: EphemeralPrivateKeyToStaticPublicKeyInput)

Bases: object

Inputs for creating a EphemeralPrivateKeyToStaticPublicKey Configuration.

__init__(value: EphemeralPrivateKeyToStaticPublicKeyInput)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.RawEcdhStaticConfigurationsUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → RawEcdhStaticConfigurationsUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateRawEcdhKeyringInput(*, key_agreement_scheme: RawEcdhStaticConfigurationsPublicKeyDiscovery | RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsUnknown, curve_spec: str)

Bases: object

Inputs for creating a raw ECDH Keyring.

Parameters:

• key_agreement_scheme – The Key Agreement Scheme configuration that is responsible for how the shared secret is calculated.

• curve_spec – The the curve on which the points for the sender’s private and recipient’s public key lie.

__init__(*, key_agreement_scheme: RawEcdhStaticConfigurationsPublicKeyDiscovery | RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsUnknown, curve_spec: str)

Inputs for creating a raw ECDH Keyring.

Parameters:

• key_agreement_scheme – The Key Agreement Scheme configuration that is responsible for how the shared secret is calculated.

• curve_spec – The the curve on which the points for the sender’s private and recipient’s public key lie.

key_agreement_scheme: RawEcdhStaticConfigurationsPublicKeyDiscovery | RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsUnknown

curve_spec: str

as_dict() → Dict[str, Any]

Converts the CreateRawEcdhKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateRawEcdhKeyringInput

Creates a CreateRawEcdhKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.PaddingScheme

Bases: object

PKCS1 = 'PKCS1'

OAEP_SHA1_MGF1 = 'OAEP_SHA1_MGF1'

OAEP_SHA256_MGF1 = 'OAEP_SHA256_MGF1'

OAEP_SHA384_MGF1 = 'OAEP_SHA384_MGF1'

OAEP_SHA512_MGF1 = 'OAEP_SHA512_MGF1'

values = frozenset({'OAEP_SHA1_MGF1', 'OAEP_SHA256_MGF1', 'OAEP_SHA384_MGF1', 'OAEP_SHA512_MGF1', 'PKCS1'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateRawRsaKeyringInput(*, key_namespace: str, key_name: str, padding_scheme: str, public_key: bytes | bytearray | None = None, private_key: bytes | bytearray | None = None)

Bases: object

Inputs for creating a Raw RAW Keyring.

Parameters:

• key_namespace – A namespace associated with this wrapping key.

• key_name – A name associated with this wrapping key.

• padding_scheme – The RSA padding scheme to use with this keyring.

• public_key – The public RSA Key responsible for wrapping data keys, as a UTF8 encoded, PEM encoded X.509 SubjectPublicKeyInfo structure. If not specified, this Keyring cannot be used on encrypt. A public key and/or a private key must be specified.

• private_key – The private RSA Key responsible for wrapping data keys, as a UTF8 encoded, PEM encoded PKCS #8 PrivateKeyInfo structure. If not specified, this Keyring cannot be used on decrypt. A public key and/or a private key must be specified.

__init__(*, key_namespace: str, key_name: str, padding_scheme: str, public_key: bytes | bytearray | None = None, private_key: bytes | bytearray | None = None)

Inputs for creating a Raw RAW Keyring.

Parameters:

• key_namespace – A namespace associated with this wrapping key.

• key_name – A name associated with this wrapping key.

• padding_scheme – The RSA padding scheme to use with this keyring.

• public_key – The public RSA Key responsible for wrapping data keys, as a UTF8 encoded, PEM encoded X.509 SubjectPublicKeyInfo structure. If not specified, this Keyring cannot be used on encrypt. A public key and/or a private key must be specified.

• private_key – The private RSA Key responsible for wrapping data keys, as a UTF8 encoded, PEM encoded PKCS #8 PrivateKeyInfo structure. If not specified, this Keyring cannot be used on decrypt. A public key and/or a private key must be specified.

key_namespace: str

key_name: str

padding_scheme: str

public_key: bytes | bytearray | None

private_key: bytes | bytearray | None

as_dict() → Dict[str, Any]

Converts the CreateRawRsaKeyringInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateRawRsaKeyringInput

Creates a CreateRawRsaKeyringInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CreateRequiredEncryptionContextCMMInput(*, required_encryption_context_keys: list[str], underlying_cmm: CryptographicMaterialsManager | None = None, keyring: Keyring | None = None)

Bases: object

Inputs for creating an Required Encryption Context Cryptographic Materials Manager.

Parameters:

• required_encryption_context_keys – A list of Encryption Context keys which are required to be supplied during encryption and decryption, and correspond to Encryption Context key-value pairs which are not stored on the resulting message.

• underlying_cmm – The Cryptographic Materials Manager that the created Required Encryption Context Cryptographic Materials Manager will delegate to. Either a Keyring or underlying Cryptographic Materials Manager must be specified.

• keyring – The Keyring that the created Cryptographic Materials Manager will use to wrap data keys. The created Required Encryption Context CMM will delegate to a Default Cryptographic Materials Manager created with this Keyring. Either a Keyring or an underlying Cryptographic Materials Manager must be specified as input.

__init__(*, required_encryption_context_keys: list[str], underlying_cmm: CryptographicMaterialsManager | None = None, keyring: Keyring | None = None)

Inputs for creating an Required Encryption Context Cryptographic Materials Manager.

Parameters:

• required_encryption_context_keys – A list of Encryption Context keys which are required to be supplied during encryption and decryption, and correspond to Encryption Context key-value pairs which are not stored on the resulting message.

• underlying_cmm – The Cryptographic Materials Manager that the created Required Encryption Context Cryptographic Materials Manager will delegate to. Either a Keyring or underlying Cryptographic Materials Manager must be specified.

• keyring – The Keyring that the created Cryptographic Materials Manager will use to wrap data keys. The created Required Encryption Context CMM will delegate to a Default Cryptographic Materials Manager created with this Keyring. Either a Keyring or an underlying Cryptographic Materials Manager must be specified as input.

required_encryption_context_keys: list[str]

underlying_cmm: CryptographicMaterialsManager | None

keyring: Keyring | None

as_dict() → Dict[str, Any]

Converts the CreateRequiredEncryptionContextCMMInput to a dictionary.

static from_dict(d: Dict[str, Any]) → CreateRequiredEncryptionContextCMMInput

Creates a CreateRequiredEncryptionContextCMMInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DeleteCacheEntryInput(*, identifier: bytes | bytearray)

Bases: object

__init__(*, identifier: bytes | bytearray)

identifier: bytes | bytearray

as_dict() → Dict[str, Any]

Converts the DeleteCacheEntryInput to a dictionary.

static from_dict(d: Dict[str, Any]) → DeleteCacheEntryInput

Creates a DeleteCacheEntryInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetCacheEntryInput(*, identifier: bytes | bytearray, bytes_used: int | None = None)

Bases: object

__init__(*, identifier: bytes | bytearray, bytes_used: int | None = None)

identifier: bytes | bytearray

bytes_used: int | None

as_dict() → Dict[str, Any]

Converts the GetCacheEntryInput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetCacheEntryInput

Creates a GetCacheEntryInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DecryptionMaterials(*, algorithm_suite: AlgorithmSuiteInfo, encryption_context: dict[str, str], required_encryption_context_keys: list[str], plaintext_data_key: bytes | bytearray | None = None, verification_key: bytes | bytearray | None = None, symmetric_signing_key: bytes | bytearray | None = None)

Bases: object

__init__(*, algorithm_suite: AlgorithmSuiteInfo, encryption_context: dict[str, str], required_encryption_context_keys: list[str], plaintext_data_key: bytes | bytearray | None = None, verification_key: bytes | bytearray | None = None, symmetric_signing_key: bytes | bytearray | None = None)

algorithm_suite: AlgorithmSuiteInfo

encryption_context: dict[str, str]

required_encryption_context_keys: list[str]

plaintext_data_key: bytes | bytearray | None

verification_key: bytes | bytearray | None

symmetric_signing_key: bytes | bytearray | None

as_dict() → Dict[str, Any]

Converts the DecryptionMaterials to a dictionary.

static from_dict(d: Dict[str, Any]) → DecryptionMaterials

Creates a DecryptionMaterials from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EncryptedDataKey(*, key_provider_id: str, key_provider_info: bytes | bytearray, ciphertext: bytes | bytearray)

Bases: object

__init__(*, key_provider_id: str, key_provider_info: bytes | bytearray, ciphertext: bytes | bytearray)

key_provider_id: str

key_provider_info: bytes | bytearray

ciphertext: bytes | bytearray

as_dict() → Dict[str, Any]

Converts the EncryptedDataKey to a dictionary.

static from_dict(d: Dict[str, Any]) → EncryptedDataKey

Creates a EncryptedDataKey from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.EncryptionMaterials(*, algorithm_suite: AlgorithmSuiteInfo, encryption_context: dict[str, str], encrypted_data_keys: list[EncryptedDataKey], required_encryption_context_keys: list[str], plaintext_data_key: bytes | bytearray | None = None, signing_key: bytes | bytearray | None = None, symmetric_signing_keys: list[bytes | bytearray] | None = None)

Bases: object

__init__(*, algorithm_suite: AlgorithmSuiteInfo, encryption_context: dict[str, str], encrypted_data_keys: list[EncryptedDataKey], required_encryption_context_keys: list[str], plaintext_data_key: bytes | bytearray | None = None, signing_key: bytes | bytearray | None = None, symmetric_signing_keys: list[bytes | bytearray] | None = None)

algorithm_suite: AlgorithmSuiteInfo

encryption_context: dict[str, str]

encrypted_data_keys: list[EncryptedDataKey]

required_encryption_context_keys: list[str]

plaintext_data_key: bytes | bytearray | None

signing_key: bytes | bytearray | None

symmetric_signing_keys: list[bytes | bytearray] | None

as_dict() → Dict[str, Any]

Converts the EncryptionMaterials to a dictionary.

static from_dict(d: Dict[str, Any]) → EncryptionMaterials

Creates a EncryptionMaterials from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.MaterialsEncryption(value: EncryptionMaterials)

Bases: object

__init__(value: EncryptionMaterials)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → MaterialsEncryption

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.MaterialsDecryption(value: DecryptionMaterials)

Bases: object

__init__(value: DecryptionMaterials)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → MaterialsDecryption

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.MaterialsBranchKey(value: BranchKeyMaterials)

Bases: object

__init__(value: BranchKeyMaterials)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → MaterialsBranchKey

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.MaterialsBeaconKey(value: BeaconKeyMaterials)

Bases: object

__init__(value: BeaconKeyMaterials)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → MaterialsBeaconKey

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.MaterialsUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → MaterialsUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetCacheEntryOutput(*, materials: MaterialsEncryption | MaterialsDecryption | MaterialsBranchKey | MaterialsBeaconKey | MaterialsUnknown, creation_time: int = 0, expiry_time: int = 0, messages_used: int = 0, bytes_used: int = 0)

Bases: object

__init__(*, materials: MaterialsEncryption | MaterialsDecryption | MaterialsBranchKey | MaterialsBeaconKey | MaterialsUnknown, creation_time: int = 0, expiry_time: int = 0, messages_used: int = 0, bytes_used: int = 0)

materials: MaterialsEncryption | MaterialsDecryption | MaterialsBranchKey | MaterialsBeaconKey | MaterialsUnknown

creation_time: int

expiry_time: int

messages_used: int

bytes_used: int

as_dict() → Dict[str, Any]

Converts the GetCacheEntryOutput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetCacheEntryOutput

Creates a GetCacheEntryOutput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.PutCacheEntryInput(*, identifier: bytes | bytearray, materials: MaterialsEncryption | MaterialsDecryption | MaterialsBranchKey | MaterialsBeaconKey | MaterialsUnknown, creation_time: int = 0, expiry_time: int = 0, messages_used: int = 0, bytes_used: int = 0)

Bases: object

__init__(*, identifier: bytes | bytearray, materials: MaterialsEncryption | MaterialsDecryption | MaterialsBranchKey | MaterialsBeaconKey | MaterialsUnknown, creation_time: int = 0, expiry_time: int = 0, messages_used: int = 0, bytes_used: int = 0)

identifier: bytes | bytearray

materials: MaterialsEncryption | MaterialsDecryption | MaterialsBranchKey | MaterialsBeaconKey | MaterialsUnknown

creation_time: int

expiry_time: int

messages_used: int

bytes_used: int

as_dict() → Dict[str, Any]

Converts the PutCacheEntryInput to a dictionary.

static from_dict(d: Dict[str, Any]) → PutCacheEntryInput

Creates a PutCacheEntryInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.UpdateUsageMetadataInput(*, identifier: bytes | bytearray, bytes_used: int = 0)

Bases: object

__init__(*, identifier: bytes | bytearray, bytes_used: int = 0)

identifier: bytes | bytearray

bytes_used: int

as_dict() → Dict[str, Any]

Converts the UpdateUsageMetadataInput to a dictionary.

static from_dict(d: Dict[str, Any]) → UpdateUsageMetadataInput

Creates a UpdateUsageMetadataInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DBECommitmentPolicy

Bases: object

REQUIRE_ENCRYPT_REQUIRE_DECRYPT = 'REQUIRE_ENCRYPT_REQUIRE_DECRYPT'

values = frozenset({'REQUIRE_ENCRYPT_REQUIRE_DECRYPT'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ESDKCommitmentPolicy

Bases: object

FORBID_ENCRYPT_ALLOW_DECRYPT = 'FORBID_ENCRYPT_ALLOW_DECRYPT'

REQUIRE_ENCRYPT_ALLOW_DECRYPT = 'REQUIRE_ENCRYPT_ALLOW_DECRYPT'

REQUIRE_ENCRYPT_REQUIRE_DECRYPT = 'REQUIRE_ENCRYPT_REQUIRE_DECRYPT'

values = frozenset({'FORBID_ENCRYPT_ALLOW_DECRYPT', 'REQUIRE_ENCRYPT_ALLOW_DECRYPT', 'REQUIRE_ENCRYPT_REQUIRE_DECRYPT'})

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CommitmentPolicyESDK(value: str)

Bases: object

__init__(value: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CommitmentPolicyESDK

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CommitmentPolicyDBE(value: str)

Bases: object

__init__(value: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CommitmentPolicyDBE

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.CommitmentPolicyUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → CommitmentPolicyUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DecryptMaterialsInput(*, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown, encrypted_data_keys: list[EncryptedDataKey], encryption_context: dict[str, str], reproduced_encryption_context: dict[str, str] | None = None)

Bases: object

__init__(*, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown, encrypted_data_keys: list[EncryptedDataKey], encryption_context: dict[str, str], reproduced_encryption_context: dict[str, str] | None = None)

algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown

commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown

encrypted_data_keys: list[EncryptedDataKey]

encryption_context: dict[str, str]

reproduced_encryption_context: dict[str, str] | None

as_dict() → Dict[str, Any]

Converts the DecryptMaterialsInput to a dictionary.

static from_dict(d: Dict[str, Any]) → DecryptMaterialsInput

Creates a DecryptMaterialsInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.DecryptMaterialsOutput(*, decryption_materials: DecryptionMaterials)

Bases: object

__init__(*, decryption_materials: DecryptionMaterials)

decryption_materials: DecryptionMaterials

as_dict() → Dict[str, Any]

Converts the DecryptMaterialsOutput to a dictionary.

static from_dict(d: Dict[str, Any]) → DecryptMaterialsOutput

Creates a DecryptMaterialsOutput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetEncryptionMaterialsInput(*, encryption_context: dict[str, str], commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown | None = None, max_plaintext_length: int | None = None, required_encryption_context_keys: list[str] | None = None)

Bases: object

__init__(*, encryption_context: dict[str, str], commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown | None = None, max_plaintext_length: int | None = None, required_encryption_context_keys: list[str] | None = None)

encryption_context: dict[str, str]

commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown

algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown | None

max_plaintext_length: int | None

required_encryption_context_keys: list[str] | None

as_dict() → Dict[str, Any]

Converts the GetEncryptionMaterialsInput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetEncryptionMaterialsInput

Creates a GetEncryptionMaterialsInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.GetEncryptionMaterialsOutput(*, encryption_materials: EncryptionMaterials)

Bases: object

__init__(*, encryption_materials: EncryptionMaterials)

encryption_materials: EncryptionMaterials

as_dict() → Dict[str, Any]

Converts the GetEncryptionMaterialsOutput to a dictionary.

static from_dict(d: Dict[str, Any]) → GetEncryptionMaterialsOutput

Creates a GetEncryptionMaterialsOutput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.InitializeDecryptionMaterialsInput(*, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, encryption_context: dict[str, str], required_encryption_context_keys: list[str])

Bases: object

__init__(*, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, encryption_context: dict[str, str], required_encryption_context_keys: list[str])

algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown

encryption_context: dict[str, str]

required_encryption_context_keys: list[str]

as_dict() → Dict[str, Any]

Converts the InitializeDecryptionMaterialsInput to a dictionary.

static from_dict(d: Dict[str, Any]) → InitializeDecryptionMaterialsInput

Creates a InitializeDecryptionMaterialsInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.InitializeEncryptionMaterialsInput(*, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, encryption_context: dict[str, str], required_encryption_context_keys: list[str], signing_key: bytes | bytearray | None = None, verification_key: bytes | bytearray | None = None)

Bases: object

__init__(*, algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, encryption_context: dict[str, str], required_encryption_context_keys: list[str], signing_key: bytes | bytearray | None = None, verification_key: bytes | bytearray | None = None)

algorithm_suite_id: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown

encryption_context: dict[str, str]

required_encryption_context_keys: list[str]

signing_key: bytes | bytearray | None

verification_key: bytes | bytearray | None

as_dict() → Dict[str, Any]

Converts the InitializeEncryptionMaterialsInput to a dictionary.

static from_dict(d: Dict[str, Any]) → InitializeEncryptionMaterialsInput

Creates a InitializeEncryptionMaterialsInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.OnDecryptInput(*, materials: DecryptionMaterials, encrypted_data_keys: list[EncryptedDataKey])

Bases: object

__init__(*, materials: DecryptionMaterials, encrypted_data_keys: list[EncryptedDataKey])

materials: DecryptionMaterials

encrypted_data_keys: list[EncryptedDataKey]

as_dict() → Dict[str, Any]

Converts the OnDecryptInput to a dictionary.

static from_dict(d: Dict[str, Any]) → OnDecryptInput

Creates a OnDecryptInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.OnDecryptOutput(*, materials: DecryptionMaterials)

Bases: object

__init__(*, materials: DecryptionMaterials)

materials: DecryptionMaterials

as_dict() → Dict[str, Any]

Converts the OnDecryptOutput to a dictionary.

static from_dict(d: Dict[str, Any]) → OnDecryptOutput

Creates a OnDecryptOutput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.OnEncryptInput(*, materials: EncryptionMaterials)

Bases: object

__init__(*, materials: EncryptionMaterials)

materials: EncryptionMaterials

as_dict() → Dict[str, Any]

Converts the OnEncryptInput to a dictionary.

static from_dict(d: Dict[str, Any]) → OnEncryptInput

Creates a OnEncryptInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.OnEncryptOutput(*, materials: EncryptionMaterials)

Bases: object

__init__(*, materials: EncryptionMaterials)

materials: EncryptionMaterials

as_dict() → Dict[str, Any]

Converts the OnEncryptOutput to a dictionary.

static from_dict(d: Dict[str, Any]) → OnEncryptOutput

Creates a OnEncryptOutput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ValidateCommitmentPolicyOnDecryptInput(*, algorithm: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown)

Bases: object

__init__(*, algorithm: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown)

algorithm: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown

commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown

as_dict() → Dict[str, Any]

Converts the ValidateCommitmentPolicyOnDecryptInput to a dictionary.

static from_dict(d: Dict[str, Any]) → ValidateCommitmentPolicyOnDecryptInput

Creates a ValidateCommitmentPolicyOnDecryptInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ValidateCommitmentPolicyOnEncryptInput(*, algorithm: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown)

Bases: object

__init__(*, algorithm: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown, commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown)

algorithm: AlgorithmSuiteIdESDK | AlgorithmSuiteIdDBE | AlgorithmSuiteIdUnknown

commitment_policy: CommitmentPolicyESDK | CommitmentPolicyDBE | CommitmentPolicyUnknown

as_dict() → Dict[str, Any]

Converts the ValidateCommitmentPolicyOnEncryptInput to a dictionary.

static from_dict(d: Dict[str, Any]) → ValidateCommitmentPolicyOnEncryptInput

Creates a ValidateCommitmentPolicyOnEncryptInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ValidDecryptionMaterialsTransitionInput(*, start: DecryptionMaterials, stop: DecryptionMaterials)

Bases: object

__init__(*, start: DecryptionMaterials, stop: DecryptionMaterials)

start: DecryptionMaterials

stop: DecryptionMaterials

as_dict() → Dict[str, Any]

Converts the ValidDecryptionMaterialsTransitionInput to a dictionary.

static from_dict(d: Dict[str, Any]) → ValidDecryptionMaterialsTransitionInput

Creates a ValidDecryptionMaterialsTransitionInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.ValidEncryptionMaterialsTransitionInput(*, start: EncryptionMaterials, stop: EncryptionMaterials)

Bases: object

__init__(*, start: EncryptionMaterials, stop: EncryptionMaterials)

start: EncryptionMaterials

stop: EncryptionMaterials

as_dict() → Dict[str, Any]

Converts the ValidEncryptionMaterialsTransitionInput to a dictionary.

static from_dict(d: Dict[str, Any]) → ValidEncryptionMaterialsTransitionInput

Creates a ValidEncryptionMaterialsTransitionInput from a dictionary.

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.StaticConfigurationsAWS_KMS_ECDH(value: KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery | KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey | KmsEcdhStaticConfigurationsUnknown)

Bases: object

Allowed configurations when using KmsEcdhStaticConfigurations.

__init__(value: KmsEcdhStaticConfigurationsKmsPublicKeyDiscovery | KmsEcdhStaticConfigurationsKmsPrivateKeyToStaticPublicKey | KmsEcdhStaticConfigurationsUnknown)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → StaticConfigurationsAWS_KMS_ECDH

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.StaticConfigurationsRAW_ECDH(value: RawEcdhStaticConfigurationsPublicKeyDiscovery | RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsUnknown)

Bases: object

List of configurations when using RawEcdhStaticConfigurations.

__init__(value: RawEcdhStaticConfigurationsPublicKeyDiscovery | RawEcdhStaticConfigurationsRawPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsEphemeralPrivateKeyToStaticPublicKey | RawEcdhStaticConfigurationsUnknown)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → StaticConfigurationsRAW_ECDH

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.StaticConfigurationsUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → StaticConfigurationsUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KeyAgreementSchemeStaticConfiguration(value: StaticConfigurationsAWS_KMS_ECDH | StaticConfigurationsRAW_ECDH | StaticConfigurationsUnknown)

Bases: object

Supported configurations for the StaticConfiguration Key Agreement Scheme.

__init__(value: StaticConfigurationsAWS_KMS_ECDH | StaticConfigurationsRAW_ECDH | StaticConfigurationsUnknown)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → KeyAgreementSchemeStaticConfiguration

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.KeyAgreementSchemeUnknown(tag: str)

Bases: object

Represents an unknown variant.

If you receive this value, you will need to update your library to receive the parsed value.

This value may not be deliberately sent.

__init__(tag: str)

as_dict() → Dict[str, Any]

static from_dict(d: Dict[str, Any]) → KeyAgreementSchemeUnknown

class aws_cryptographic_material_providers.smithygenerated.aws_cryptography_materialproviders.models.Unit

Bases: object