Struct aws_sdk_paymentcryptography::Client 
source · pub struct Client { /* private fields */ }Expand description
Client for Payment Cryptography Control Plane
Client for invoking operations on Payment Cryptography Control Plane. Each operation on Payment Cryptography Control Plane is a method on this
this struct. .send() MUST be invoked on the generated operations to dispatch the request to the service.
Constructing a Client
A Config is required to construct a client. For most use cases, the aws-config
crate should be used to automatically resolve this config using
aws_config::load_from_env(), since this will resolve an SdkConfig which can be shared
across multiple different AWS SDK clients. This config resolution process can be customized
by calling aws_config::from_env() instead, which returns a ConfigLoader that uses
the builder pattern to customize the default config.
In the simplest case, creating a client looks as follows:
let config = aws_config::load_from_env().await;
let client = aws_sdk_paymentcryptography::Client::new(&config);Occasionally, SDKs may have additional service-specific that can be set on the Config that
is absent from SdkConfig, or slightly different settings for a specific client may be desired.
The Config struct implements From<&SdkConfig>, so setting these specific settings can be
done as follows:
let sdk_config = ::aws_config::load_from_env().await;
let config = aws_sdk_paymentcryptography::config::Builder::from(&sdk_config)
    .some_service_specific_setting("value")
    .build();See the aws-config docs and Config for more information on customizing configuration.
Note: Client construction is expensive due to connection thread pool initialization, and should be done once at application start-up.
Using the Client
A client has a function for every operation that can be performed by the service.
For example, the ExportKey operation has
a Client::export_key, function which returns a builder for that operation.
The fluent builder ultimately has a send() function that returns an async future that
returns a result, as illustrated below:
let result = client.export_key()
    .export_key_identifier("example")
    .send()
    .await;The underlying HTTP requests that get made by this can be modified with the customize_operation
function on the fluent builder. See the customize module for more
information.
Implementations§
source§impl Client
 
impl Client
sourcepub fn create_alias(&self) -> CreateAliasFluentBuilder
 
pub fn create_alias(&self) -> CreateAliasFluentBuilder
Constructs a fluent builder for the CreateAlias operation.
- The fluent builder is configurable:
- alias_name(impl Into<String>)/- set_alias_name(Option<String>):
 required: true- A friendly name that you can use to refer to a key. An alias must begin with - alias/followed by a name, for example- alias/ExampleAlias. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-).- Don’t include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output. 
- key_arn(impl Into<String>)/- set_key_arn(Option<String>):
 required: false- The - KeyARNof the key to associate with the alias.
 
- On success, responds with CreateAliasOutputwith field(s):- alias(Option<Alias>):- The alias for the key. 
 
- On failure, responds with SdkError<CreateAliasError>
source§impl Client
 
impl Client
sourcepub fn create_key(&self) -> CreateKeyFluentBuilder
 
pub fn create_key(&self) -> CreateKeyFluentBuilder
Constructs a fluent builder for the CreateKey operation.
- The fluent builder is configurable:
- key_attributes(KeyAttributes)/- set_key_attributes(Option<KeyAttributes>):
 required: true- The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created. 
- key_check_value_algorithm(KeyCheckValueAlgorithm)/- set_key_check_value_algorithm(Option<KeyCheckValueAlgorithm>):
 required: false- The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity. - For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result. 
- exportable(bool)/- set_exportable(Option<bool>):
 required: true- Specifies whether the key is exportable from the service. 
- enabled(bool)/- set_enabled(Option<bool>):
 required: false- Specifies whether to enable the key. If the key is enabled, it is activated for use within the service. If the key is not enabled, then it is created but not activated. The default value is enabled. 
- tags(Tag)/- set_tags(Option<Vec::<Tag>>):
 required: false- Assigns one or more tags to the Amazon Web Services Payment Cryptography key. Use this parameter to tag a key when it is created. To tag an existing Amazon Web Services Payment Cryptography key, use the - TagResourceoperation.- Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You can’t have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. - Don’t include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output. - Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key. 
 
- On success, responds with CreateKeyOutputwith field(s):- key(Option<Key>):- The key material that contains all the key attributes. 
 
- On failure, responds with SdkError<CreateKeyError>
source§impl Client
 
impl Client
sourcepub fn delete_alias(&self) -> DeleteAliasFluentBuilder
 
pub fn delete_alias(&self) -> DeleteAliasFluentBuilder
Constructs a fluent builder for the DeleteAlias operation.
- The fluent builder is configurable:
- alias_name(impl Into<String>)/- set_alias_name(Option<String>):
 required: true- A friendly name that you can use to refer Amazon Web Services Payment Cryptography key. This value must begin with - alias/followed by a name, such as- alias/ExampleAlias.
 
- On success, responds with DeleteAliasOutput
- On failure, responds with SdkError<DeleteAliasError>
source§impl Client
 
impl Client
sourcepub fn delete_key(&self) -> DeleteKeyFluentBuilder
 
pub fn delete_key(&self) -> DeleteKeyFluentBuilder
Constructs a fluent builder for the DeleteKey operation.
- The fluent builder is configurable:
- key_identifier(impl Into<String>)/- set_key_identifier(Option<String>):
 required: true- The - KeyARNof the key that is scheduled for deletion.
- delete_key_in_days(i32)/- set_delete_key_in_days(Option<i32>):
 required: false- The waiting period for key deletion. The default value is seven days. 
 
- On success, responds with DeleteKeyOutputwith field(s):- key(Option<Key>):- The - KeyARNof the key that is scheduled for deletion.
 
- On failure, responds with SdkError<DeleteKeyError>
source§impl Client
 
impl Client
sourcepub fn export_key(&self) -> ExportKeyFluentBuilder
 
pub fn export_key(&self) -> ExportKeyFluentBuilder
Constructs a fluent builder for the ExportKey operation.
- The fluent builder is configurable:
- key_material(ExportKeyMaterial)/- set_key_material(Option<ExportKeyMaterial>):
 required: true- The key block format type, for example, TR-34 or TR-31, to use during key material export. 
- export_key_identifier(impl Into<String>)/- set_export_key_identifier(Option<String>):
 required: true- The - KeyARNof the key under export from Amazon Web Services Payment Cryptography.
- export_attributes(ExportAttributes)/- set_export_attributes(Option<ExportAttributes>):
 required: false- The attributes for IPEK generation during export. 
 
- On success, responds with ExportKeyOutputwith field(s):- wrapped_key(Option<WrappedKey>):- The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock. 
 
- On failure, responds with SdkError<ExportKeyError>
source§impl Client
 
impl Client
sourcepub fn get_alias(&self) -> GetAliasFluentBuilder
 
pub fn get_alias(&self) -> GetAliasFluentBuilder
Constructs a fluent builder for the GetAlias operation.
- The fluent builder is configurable:
- alias_name(impl Into<String>)/- set_alias_name(Option<String>):
 required: true- The alias of the Amazon Web Services Payment Cryptography key. 
 
- On success, responds with GetAliasOutputwith field(s):- alias(Option<Alias>):- The alias of the Amazon Web Services Payment Cryptography key. 
 
- On failure, responds with SdkError<GetAliasError>
source§impl Client
 
impl Client
sourcepub fn get_key(&self) -> GetKeyFluentBuilder
 
pub fn get_key(&self) -> GetKeyFluentBuilder
Constructs a fluent builder for the GetKey operation.
- The fluent builder is configurable:
- key_identifier(impl Into<String>)/- set_key_identifier(Option<String>):
 required: true- The - KeyARNof the Amazon Web Services Payment Cryptography key.
 
- On success, responds with GetKeyOutputwith field(s):- key(Option<Key>):- The key material, including the immutable and mutable data for the key. 
 
- On failure, responds with SdkError<GetKeyError>
source§impl Client
 
impl Client
sourcepub fn get_parameters_for_export(&self) -> GetParametersForExportFluentBuilder
 
pub fn get_parameters_for_export(&self) -> GetParametersForExportFluentBuilder
Constructs a fluent builder for the GetParametersForExport operation.
- The fluent builder is configurable:
- key_material_type(KeyMaterialType)/- set_key_material_type(Option<KeyMaterialType>):
 required: true- The key block format type (for example, TR-34 or TR-31) to use during key material export. Export token is only required for a TR-34 key export, - TR34_KEY_BLOCK. Export token is not required for TR-31 key export.
- signing_key_algorithm(KeyAlgorithm)/- set_signing_key_algorithm(Option<KeyAlgorithm>):
 required: true- The signing key algorithm to generate a signing key certificate. This certificate signs the wrapped key under export within the TR-34 key block. - RSA_2048is the only signing key algorithm allowed.
 
- On success, responds with GetParametersForExportOutputwith field(s):- signing_key_certificate(String):- The signing key certificate in PEM format (base64 encoded) of the public key for signature within the TR-34 key block. The certificate expires after 7 days. 
- signing_key_certificate_chain(String):- The root certificate authority (CA) that signed the signing key certificate in PEM format (base64 encoded). 
- signing_key_algorithm(KeyAlgorithm):- The algorithm of the signing key certificate for use in TR-34 key block generation. - RSA_2048is the only signing key algorithm allowed.
- export_token(String):- The export token to initiate key export from Amazon Web Services Payment Cryptography. The export token expires after 7 days. You can use the same export token to export multiple keys from the same service account. 
- parameters_valid_until_timestamp(DateTime):- The validity period of the export token. 
 
- On failure, responds with SdkError<GetParametersForExportError>
source§impl Client
 
impl Client
sourcepub fn get_parameters_for_import(&self) -> GetParametersForImportFluentBuilder
 
pub fn get_parameters_for_import(&self) -> GetParametersForImportFluentBuilder
Constructs a fluent builder for the GetParametersForImport operation.
- The fluent builder is configurable:
- key_material_type(KeyMaterialType)/- set_key_material_type(Option<KeyMaterialType>):
 required: true- The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock ( - TR34_KEY_BLOCK).- Import token is not required for TR-31, root public key cerificate or trusted public key certificate. 
- wrapping_key_algorithm(KeyAlgorithm)/- set_wrapping_key_algorithm(Option<KeyAlgorithm>):
 required: true- The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import. - At this time, - RSA_2048,- RSA_3072,- RSA_4096are the only allowed algorithms for TR-34 WrappedKeyBlock import.
 
- On success, responds with GetParametersForImportOutputwith field(s):- wrapping_key_certificate(String):- The wrapping key certificate in PEM format (base64 encoded) of the wrapping key for use within the TR-34 key block. The certificate expires in 7 days. 
- wrapping_key_certificate_chain(String):- The Amazon Web Services Payment Cryptography root certificate authority (CA) that signed the wrapping key certificate in PEM format (base64 encoded). 
- wrapping_key_algorithm(KeyAlgorithm):- The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock. 
- import_token(String):- The import token to initiate key import into Amazon Web Services Payment Cryptography. The import token expires after 7 days. You can use the same import token to import multiple keys to the same service account. 
- parameters_valid_until_timestamp(DateTime):- The validity period of the import token. 
 
- On failure, responds with SdkError<GetParametersForImportError>
source§impl Client
 
impl Client
sourcepub fn get_public_key_certificate(&self) -> GetPublicKeyCertificateFluentBuilder
 
pub fn get_public_key_certificate(&self) -> GetPublicKeyCertificateFluentBuilder
Constructs a fluent builder for the GetPublicKeyCertificate operation.
- The fluent builder is configurable:
- key_identifier(impl Into<String>)/- set_key_identifier(Option<String>):
 required: true- The - KeyARNof the asymmetric key pair.
 
- On success, responds with GetPublicKeyCertificateOutputwith field(s):- key_certificate(String):- The public key component of the asymmetric key pair in a certificate PEM format (base64 encoded). It is signed by the root certificate authority (CA). The certificate expires in 90 days. 
- key_certificate_chain(String):- The root certificate authority (CA) that signed the public key certificate in PEM format (base64 encoded) of the asymmetric key pair. 
 
- On failure, responds with SdkError<GetPublicKeyCertificateError>
source§impl Client
 
impl Client
sourcepub fn import_key(&self) -> ImportKeyFluentBuilder
 
pub fn import_key(&self) -> ImportKeyFluentBuilder
Constructs a fluent builder for the ImportKey operation.
- The fluent builder is configurable:
- key_material(ImportKeyMaterial)/- set_key_material(Option<ImportKeyMaterial>):
 required: true- The key or public key certificate type to use during key material import, for example TR-34 or RootCertificatePublicKey. 
- key_check_value_algorithm(KeyCheckValueAlgorithm)/- set_key_check_value_algorithm(Option<KeyCheckValueAlgorithm>):
 required: false- The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity. - For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result. 
- enabled(bool)/- set_enabled(Option<bool>):
 required: false- Specifies whether import key is enabled. 
- tags(Tag)/- set_tags(Option<Vec::<Tag>>):
 required: false- Assigns one or more tags to the Amazon Web Services Payment Cryptography key. Use this parameter to tag a key when it is imported. To tag an existing Amazon Web Services Payment Cryptography key, use the - TagResourceoperation.- Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You can’t have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. If you specify an existing tag key with a different tag value, Amazon Web Services Payment Cryptography replaces the current tag value with the specified one. - Don’t include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output. - Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key. 
 
- On success, responds with ImportKeyOutputwith field(s):- key(Option<Key>):- The - KeyARNof the key material imported within Amazon Web Services Payment Cryptography.
 
- On failure, responds with SdkError<ImportKeyError>
source§impl Client
 
impl Client
sourcepub fn list_aliases(&self) -> ListAliasesFluentBuilder
 
pub fn list_aliases(&self) -> ListAliasesFluentBuilder
Constructs a fluent builder for the ListAliases operation.
This operation supports pagination; See into_paginator().
- The fluent builder is configurable:
- next_token(impl Into<String>)/- set_next_token(Option<String>):
 required: false- Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of - NextTokenfrom the truncated response you just received.
- max_results(i32)/- set_max_results(Option<i32>):
 required: false- Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer. - This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50. 
 
- On success, responds with ListAliasesOutputwith field(s):- aliases(Vec::<Alias>):- The list of aliases. Each alias describes the - KeyArncontained within.
- next_token(Option<String>):- The token for the next set of results, or an empty or null value if there are no more results. 
 
- On failure, responds with SdkError<ListAliasesError>
source§impl Client
 
impl Client
sourcepub fn list_keys(&self) -> ListKeysFluentBuilder
 
pub fn list_keys(&self) -> ListKeysFluentBuilder
Constructs a fluent builder for the ListKeys operation.
This operation supports pagination; See into_paginator().
- The fluent builder is configurable:
- key_state(KeyState)/- set_key_state(Option<KeyState>):
 required: false- The key state of the keys you want to list. 
- next_token(impl Into<String>)/- set_next_token(Option<String>):
 required: false- Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of - NextTokenfrom the truncated response you just received.
- max_results(i32)/- set_max_results(Option<i32>):
 required: false- Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer. - This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50. 
 
- On success, responds with ListKeysOutputwith field(s):- keys(Vec::<KeySummary>):- The list of keys created within the caller’s Amazon Web Services account and Amazon Web Services Region. 
- next_token(Option<String>):- The token for the next set of results, or an empty or null value if there are no more results. 
 
- On failure, responds with SdkError<ListKeysError>
source§impl Client
 
impl Client
Constructs a fluent builder for the ListTagsForResource operation.
This operation supports pagination; See into_paginator().
- The fluent builder is configurable:
- resource_arn(impl Into<String>)/- set_resource_arn(Option<String>):
 required: true- The - KeyARNof the key whose tags you are getting.
- next_token(impl Into<String>)/- set_next_token(Option<String>):
 required: false- Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of - NextTokenfrom the truncated response you just received.
- max_results(i32)/- set_max_results(Option<i32>):
 required: false- Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer. - This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50. 
 
- On success, responds with ListTagsForResourceOutputwith field(s):- tags(Vec::<Tag>):- The list of tags associated with a - ResourceArn. Each tag will list the key-value pair contained within that tag.
- next_token(Option<String>):- The token for the next set of results, or an empty or null value if there are no more results. 
 
- On failure, responds with SdkError<ListTagsForResourceError>
source§impl Client
 
impl Client
sourcepub fn restore_key(&self) -> RestoreKeyFluentBuilder
 
pub fn restore_key(&self) -> RestoreKeyFluentBuilder
Constructs a fluent builder for the RestoreKey operation.
- The fluent builder is configurable:
- key_identifier(impl Into<String>)/- set_key_identifier(Option<String>):
 required: true- The - KeyARNof the key to be restored within Amazon Web Services Payment Cryptography.
 
- On success, responds with RestoreKeyOutputwith field(s):- key(Option<Key>):- The key material of the restored key. The - KeyStatewill change to- CREATE_COMPLETEand value for- DeletePendingTimestampgets removed.
 
- On failure, responds with SdkError<RestoreKeyError>
source§impl Client
 
impl Client
sourcepub fn start_key_usage(&self) -> StartKeyUsageFluentBuilder
 
pub fn start_key_usage(&self) -> StartKeyUsageFluentBuilder
Constructs a fluent builder for the StartKeyUsage operation.
- The fluent builder is configurable:
- key_identifier(impl Into<String>)/- set_key_identifier(Option<String>):
 required: true- The - KeyArnof the key.
 
- On success, responds with StartKeyUsageOutputwith field(s):- key(Option<Key>):- The - KeyARNof the Amazon Web Services Payment Cryptography key activated for use.
 
- On failure, responds with SdkError<StartKeyUsageError>
source§impl Client
 
impl Client
sourcepub fn stop_key_usage(&self) -> StopKeyUsageFluentBuilder
 
pub fn stop_key_usage(&self) -> StopKeyUsageFluentBuilder
Constructs a fluent builder for the StopKeyUsage operation.
- The fluent builder is configurable:
- key_identifier(impl Into<String>)/- set_key_identifier(Option<String>):
 required: true- The - KeyArnof the key.
 
- On success, responds with StopKeyUsageOutputwith field(s):- key(Option<Key>):- The - KeyARNof the key.
 
- On failure, responds with SdkError<StopKeyUsageError>
source§impl Client
 
impl Client
sourcepub fn tag_resource(&self) -> TagResourceFluentBuilder
 
pub fn tag_resource(&self) -> TagResourceFluentBuilder
Constructs a fluent builder for the TagResource operation.
- The fluent builder is configurable:
- resource_arn(impl Into<String>)/- set_resource_arn(Option<String>):
 required: true- The - KeyARNof the key whose tags are being updated.
- tags(Tag)/- set_tags(Option<Vec::<Tag>>):
 required: true- One or more tags. Each tag consists of a tag key and a tag value. The tag value can be an empty (null) string. You can’t have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. If you specify an existing tag key with a different tag value, Amazon Web Services Payment Cryptography replaces the current tag value with the new one. - Don’t include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output. - To use this parameter, you must have - TagResourcepermission in an IAM policy.- Don’t include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output. 
 
- On success, responds with TagResourceOutput
- On failure, responds with SdkError<TagResourceError>
source§impl Client
 
impl Client
sourcepub fn untag_resource(&self) -> UntagResourceFluentBuilder
 
pub fn untag_resource(&self) -> UntagResourceFluentBuilder
Constructs a fluent builder for the UntagResource operation.
- The fluent builder is configurable:
- resource_arn(impl Into<String>)/- set_resource_arn(Option<String>):
 required: true- The - KeyARNof the key whose tags are being removed.
- tag_keys(impl Into<String>)/- set_tag_keys(Option<Vec::<String>>):
 required: true- One or more tag keys. Don’t include the tag values. - If the Amazon Web Services Payment Cryptography key doesn’t have the specified tag key, Amazon Web Services Payment Cryptography doesn’t throw an exception or return a response. To confirm that the operation succeeded, use the - ListTagsForResourceoperation.
 
- On success, responds with UntagResourceOutput
- On failure, responds with SdkError<UntagResourceError>
source§impl Client
 
impl Client
sourcepub fn update_alias(&self) -> UpdateAliasFluentBuilder
 
pub fn update_alias(&self) -> UpdateAliasFluentBuilder
Constructs a fluent builder for the UpdateAlias operation.
- The fluent builder is configurable:
- alias_name(impl Into<String>)/- set_alias_name(Option<String>):
 required: true- The alias whose associated key is changing. 
- key_arn(impl Into<String>)/- set_key_arn(Option<String>):
 required: false- The - KeyARNfor the key that you are updating or removing from the alias.
 
- On success, responds with UpdateAliasOutputwith field(s):- alias(Option<Alias>):- The alias name. 
 
- On failure, responds with SdkError<UpdateAliasError>
source§impl Client
 
impl Client
sourcepub fn from_conf(conf: Config) -> Self
 
pub fn from_conf(conf: Config) -> Self
Creates a new client from the service Config.
Panics
This method will panic in the following cases:
- Retries or timeouts are enabled without a sleep_implconfigured.
- Identity caching is enabled without a sleep_implandtime_sourceconfigured.
- No behavior_versionis provided.
The panic message for each of these will have instructions on how to resolve them.
source§impl Client
 
impl Client
sourcepub fn new(sdk_config: &SdkConfig) -> Self
 
pub fn new(sdk_config: &SdkConfig) -> Self
Creates a new client from an SDK Config.
Panics
- This method will panic if the sdk_configis missing an async sleep implementation. If you experience this panic, set thesleep_implon the Config passed into this function to fix it.
- This method will panic if the sdk_configis missing an HTTP connector. If you experience this panic, set thehttp_connectoron the Config passed into this function to fix it.
- This method will panic if no BehaviorVersionis provided. If you experience this panic, setbehavior_versionon the Config or enable thebehavior-version-latestCargo feature.