#[non_exhaustive]pub struct DynamoDbTableEncryptionConfig {
pub algorithm_suite_id: Option<DbeAlgorithmSuiteId>,
pub allowed_unsigned_attribute_prefix: Option<String>,
pub allowed_unsigned_attributes: Option<Vec<String>>,
pub attribute_actions_on_encrypt: Option<HashMap<String, CryptoAction>>,
pub cmm: Option<CryptographicMaterialsManagerRef>,
pub keyring: Option<KeyringRef>,
pub legacy_override: Option<LegacyOverride>,
pub logical_table_name: Option<String>,
pub partition_key_name: Option<String>,
pub plaintext_override: Option<PlaintextOverride>,
pub search: Option<SearchConfig>,
pub sort_key_name: Option<String>,
}
Expand description
The configuration for client-side encryption for a particular DynamoDB table.
Fields (Non-exhaustive)§
This struct is marked as non-exhaustive
Struct { .. }
syntax; cannot be matched against without a wildcard ..
; and struct update syntax will not work.algorithm_suite_id: Option<DbeAlgorithmSuiteId>
An ID for the algorithm suite to use during encryption and decryption.
allowed_unsigned_attribute_prefix: Option<String>
A prefix such that, if during decryption any attribute has a name with this prefix, it is treated as unsigned.
allowed_unsigned_attributes: Option<Vec<String>>
A list of attribute names such that, if encountered during decryption, those attributes are treated as unsigned.
attribute_actions_on_encrypt: Option<HashMap<String, CryptoAction>>
A map that describes what attributes should be encrypted and/or signed on encrypt. This map must contain all attributes that might be encountered during encryption.
cmm: Option<CryptographicMaterialsManagerRef>
The Cryptographic Materials Manager that is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
keyring: Option<KeyringRef>
The Keyring that should be used to wrap and unwrap data keys. If specified a Default Cryptographic Materials Manager with this Keyring is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
legacy_override: Option<LegacyOverride>
A configuration that override encryption and/or decryption to instead perform legacy encryption and/or decryption. Used as part of migration from version 2.x to version 3.x.
logical_table_name: Option<String>
The logical table name for this table. This is the name that is cryptographically bound with your data. This can be the same as the actual DynamoDB table name. It’s purpose is to be distinct from the DynamoDB table name so that the data may still be authenticated if being read from different (but logically similar) tables, such as a backup table.
partition_key_name: Option<String>
The name of the partition key on this table.
plaintext_override: Option<PlaintextOverride>
A configuration that override encryption and/or decryption to instead passthrough and write and/or read plaintext. Used to update plaintext tables to fully use client-side encryption.
search: Option<SearchConfig>
The configuration for searchable encryption.
sort_key_name: Option<String>
If this table contains a sort key, the name of the sort key on this table.
Implementations§
Source§impl DynamoDbTableEncryptionConfig
impl DynamoDbTableEncryptionConfig
Sourcepub fn algorithm_suite_id(&self) -> &Option<DbeAlgorithmSuiteId>
pub fn algorithm_suite_id(&self) -> &Option<DbeAlgorithmSuiteId>
An ID for the algorithm suite to use during encryption and decryption.
Sourcepub fn allowed_unsigned_attribute_prefix(&self) -> &Option<String>
pub fn allowed_unsigned_attribute_prefix(&self) -> &Option<String>
A prefix such that, if during decryption any attribute has a name with this prefix, it is treated as unsigned.
Sourcepub fn allowed_unsigned_attributes(&self) -> &Option<Vec<String>>
pub fn allowed_unsigned_attributes(&self) -> &Option<Vec<String>>
A list of attribute names such that, if encountered during decryption, those attributes are treated as unsigned.
Sourcepub fn attribute_actions_on_encrypt(
&self,
) -> &Option<HashMap<String, CryptoAction>>
pub fn attribute_actions_on_encrypt( &self, ) -> &Option<HashMap<String, CryptoAction>>
A map that describes what attributes should be encrypted and/or signed on encrypt. This map must contain all attributes that might be encountered during encryption.
Sourcepub fn cmm(&self) -> &Option<CryptographicMaterialsManagerRef>
pub fn cmm(&self) -> &Option<CryptographicMaterialsManagerRef>
The Cryptographic Materials Manager that is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
Sourcepub fn keyring(&self) -> &Option<KeyringRef>
pub fn keyring(&self) -> &Option<KeyringRef>
The Keyring that should be used to wrap and unwrap data keys. If specified a Default Cryptographic Materials Manager with this Keyring is used to obtain materials for encryption and decryption. Either a Keyring or a Cryptographic Materials Manager must be specified.
Sourcepub fn legacy_override(&self) -> &Option<LegacyOverride>
pub fn legacy_override(&self) -> &Option<LegacyOverride>
A configuration that override encryption and/or decryption to instead perform legacy encryption and/or decryption. Used as part of migration from version 2.x to version 3.x.
Sourcepub fn logical_table_name(&self) -> &Option<String>
pub fn logical_table_name(&self) -> &Option<String>
The logical table name for this table. This is the name that is cryptographically bound with your data. This can be the same as the actual DynamoDB table name. It’s purpose is to be distinct from the DynamoDB table name so that the data may still be authenticated if being read from different (but logically similar) tables, such as a backup table.
Sourcepub fn partition_key_name(&self) -> &Option<String>
pub fn partition_key_name(&self) -> &Option<String>
The name of the partition key on this table.
Sourcepub fn plaintext_override(&self) -> &Option<PlaintextOverride>
pub fn plaintext_override(&self) -> &Option<PlaintextOverride>
A configuration that override encryption and/or decryption to instead passthrough and write and/or read plaintext. Used to update plaintext tables to fully use client-side encryption.
Sourcepub fn search(&self) -> &Option<SearchConfig>
pub fn search(&self) -> &Option<SearchConfig>
The configuration for searchable encryption.
Sourcepub fn sort_key_name(&self) -> &Option<String>
pub fn sort_key_name(&self) -> &Option<String>
If this table contains a sort key, the name of the sort key on this table.
Source§impl DynamoDbTableEncryptionConfig
impl DynamoDbTableEncryptionConfig
Sourcepub fn builder() -> DynamoDbTableEncryptionConfigBuilder
pub fn builder() -> DynamoDbTableEncryptionConfigBuilder
Creates a new builder-style object to manufacture DynamoDbTableEncryptionConfig
.
Trait Implementations§
Source§impl Clone for DynamoDbTableEncryptionConfig
impl Clone for DynamoDbTableEncryptionConfig
Source§fn clone(&self) -> DynamoDbTableEncryptionConfig
fn clone(&self) -> DynamoDbTableEncryptionConfig
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moreSource§impl PartialEq for DynamoDbTableEncryptionConfig
impl PartialEq for DynamoDbTableEncryptionConfig
Source§fn eq(&self, other: &DynamoDbTableEncryptionConfig) -> bool
fn eq(&self, other: &DynamoDbTableEncryptionConfig) -> bool
self
and other
values to be equal, and is used by ==
.impl StructuralPartialEq for DynamoDbTableEncryptionConfig
Auto Trait Implementations§
impl Freeze for DynamoDbTableEncryptionConfig
impl !RefUnwindSafe for DynamoDbTableEncryptionConfig
impl Send for DynamoDbTableEncryptionConfig
impl Sync for DynamoDbTableEncryptionConfig
impl Unpin for DynamoDbTableEncryptionConfig
impl !UnwindSafe for DynamoDbTableEncryptionConfig
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more