/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include namespace Aws { namespace Http { class URI; } //namespace Http namespace S3 { namespace Model { /** */ class CreateSessionRequest : public S3Request { public: AWS_S3_API CreateSessionRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "CreateSession"; } AWS_S3_API Aws::String SerializePayload() const override; AWS_S3_API void AddQueryStringParameters(Aws::Http::URI& uri) const override; AWS_S3_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; AWS_S3_API bool HasEmbeddedError(IOStream &body, const Http::HeaderValueCollection &header) const override; /** * Helper function to collect parameters (configurable and static hardcoded) required for endpoint computation. */ AWS_S3_API EndpointParameters GetEndpointContextParams() const override; ///@{ /** *

Specifies the mode of the session that will be created, either * ReadWrite or ReadOnly. By default, a * ReadWrite session is created. A ReadWrite session is * capable of executing all the Zonal endpoint API operations on a directory * bucket. A ReadOnly session is constrained to execute the following * Zonal endpoint API operations: GetObject, HeadObject, * ListObjectsV2, GetObjectAttributes, * ListParts, and ListMultipartUploads.

*/ inline const SessionMode& GetSessionMode() const{ return m_sessionMode; } inline bool SessionModeHasBeenSet() const { return m_sessionModeHasBeenSet; } inline void SetSessionMode(const SessionMode& value) { m_sessionModeHasBeenSet = true; m_sessionMode = value; } inline void SetSessionMode(SessionMode&& value) { m_sessionModeHasBeenSet = true; m_sessionMode = std::move(value); } inline CreateSessionRequest& WithSessionMode(const SessionMode& value) { SetSessionMode(value); return *this;} inline CreateSessionRequest& WithSessionMode(SessionMode&& value) { SetSessionMode(std::move(value)); return *this;} ///@} ///@{ /** *

The name of the bucket that you create a session for.

*/ inline const Aws::String& GetBucket() const{ return m_bucket; } inline bool BucketHasBeenSet() const { return m_bucketHasBeenSet; } inline void SetBucket(const Aws::String& value) { m_bucketHasBeenSet = true; m_bucket = value; } inline void SetBucket(Aws::String&& value) { m_bucketHasBeenSet = true; m_bucket = std::move(value); } inline void SetBucket(const char* value) { m_bucketHasBeenSet = true; m_bucket.assign(value); } inline CreateSessionRequest& WithBucket(const Aws::String& value) { SetBucket(value); return *this;} inline CreateSessionRequest& WithBucket(Aws::String&& value) { SetBucket(std::move(value)); return *this;} inline CreateSessionRequest& WithBucket(const char* value) { SetBucket(value); return *this;} ///@} ///@{ /** *

The server-side encryption algorithm to use when you store objects in the * directory bucket.

For directory buckets, there are only two supported * options for server-side encryption: server-side encryption with Amazon S3 * managed keys (SSE-S3) (AES256) and server-side encryption with KMS * keys (SSE-KMS) (aws:kms). By default, Amazon S3 encrypts data with * SSE-S3. For more information, see Protecting * data with server-side encryption in the Amazon S3 User Guide.

*/ inline const ServerSideEncryption& GetServerSideEncryption() const{ return m_serverSideEncryption; } inline bool ServerSideEncryptionHasBeenSet() const { return m_serverSideEncryptionHasBeenSet; } inline void SetServerSideEncryption(const ServerSideEncryption& value) { m_serverSideEncryptionHasBeenSet = true; m_serverSideEncryption = value; } inline void SetServerSideEncryption(ServerSideEncryption&& value) { m_serverSideEncryptionHasBeenSet = true; m_serverSideEncryption = std::move(value); } inline CreateSessionRequest& WithServerSideEncryption(const ServerSideEncryption& value) { SetServerSideEncryption(value); return *this;} inline CreateSessionRequest& WithServerSideEncryption(ServerSideEncryption&& value) { SetServerSideEncryption(std::move(value)); return *this;} ///@} ///@{ /** *

If you specify x-amz-server-side-encryption with * aws:kms, you must specify the * x-amz-server-side-encryption-aws-kms-key-id header with the ID (Key ID or * Key ARN) of the KMS symmetric encryption customer managed key to use. Otherwise, * you get an HTTP 400 Bad Request error. Only use the key ID or key * ARN. The key alias format of the KMS key isn't supported. Also, if the KMS key * doesn't exist in the same account that't issuing the command, you must use the * full Key ARN not the Key ID.

Your SSE-KMS configuration can only support * 1 customer * managed key per directory bucket for the lifetime of the bucket. The Amazon * Web Services managed key (aws/s3) isn't supported.

*/ inline const Aws::String& GetSSEKMSKeyId() const{ return m_sSEKMSKeyId; } inline bool SSEKMSKeyIdHasBeenSet() const { return m_sSEKMSKeyIdHasBeenSet; } inline void SetSSEKMSKeyId(const Aws::String& value) { m_sSEKMSKeyIdHasBeenSet = true; m_sSEKMSKeyId = value; } inline void SetSSEKMSKeyId(Aws::String&& value) { m_sSEKMSKeyIdHasBeenSet = true; m_sSEKMSKeyId = std::move(value); } inline void SetSSEKMSKeyId(const char* value) { m_sSEKMSKeyIdHasBeenSet = true; m_sSEKMSKeyId.assign(value); } inline CreateSessionRequest& WithSSEKMSKeyId(const Aws::String& value) { SetSSEKMSKeyId(value); return *this;} inline CreateSessionRequest& WithSSEKMSKeyId(Aws::String&& value) { SetSSEKMSKeyId(std::move(value)); return *this;} inline CreateSessionRequest& WithSSEKMSKeyId(const char* value) { SetSSEKMSKeyId(value); return *this;} ///@} ///@{ /** *

Specifies the Amazon Web Services KMS Encryption Context as an additional * encryption context to use for object encryption. The value of this header is a * Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption * context as key-value pairs. This value is stored as object metadata and * automatically gets passed on to Amazon Web Services KMS for future * GetObject operations on this object.

General purpose * buckets - This value must be explicitly added during CopyObject * operations if you want an additional encryption context for your object. For * more information, see Encryption * context in the Amazon S3 User Guide.

Directory buckets * - You can optionally provide an explicit encryption context value. The value * must match the default encryption context - the bucket Amazon Resource Name * (ARN). An additional encryption context value is not supported.

*/ inline const Aws::String& GetSSEKMSEncryptionContext() const{ return m_sSEKMSEncryptionContext; } inline bool SSEKMSEncryptionContextHasBeenSet() const { return m_sSEKMSEncryptionContextHasBeenSet; } inline void SetSSEKMSEncryptionContext(const Aws::String& value) { m_sSEKMSEncryptionContextHasBeenSet = true; m_sSEKMSEncryptionContext = value; } inline void SetSSEKMSEncryptionContext(Aws::String&& value) { m_sSEKMSEncryptionContextHasBeenSet = true; m_sSEKMSEncryptionContext = std::move(value); } inline void SetSSEKMSEncryptionContext(const char* value) { m_sSEKMSEncryptionContextHasBeenSet = true; m_sSEKMSEncryptionContext.assign(value); } inline CreateSessionRequest& WithSSEKMSEncryptionContext(const Aws::String& value) { SetSSEKMSEncryptionContext(value); return *this;} inline CreateSessionRequest& WithSSEKMSEncryptionContext(Aws::String&& value) { SetSSEKMSEncryptionContext(std::move(value)); return *this;} inline CreateSessionRequest& WithSSEKMSEncryptionContext(const char* value) { SetSSEKMSEncryptionContext(value); return *this;} ///@} ///@{ /** *

Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption * with server-side encryption using KMS keys (SSE-KMS).

S3 Bucket Keys are * always enabled for GET and PUT operations in a * directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when * you copy SSE-KMS encrypted objects from general purpose buckets to directory * buckets, from directory buckets to general purpose buckets, or between directory * buckets, through CopyObject, * UploadPartCopy, * the * Copy operation in Batch Operations, or the * import jobs. In this case, Amazon S3 makes a call to KMS every time a copy * request is made for a KMS-encrypted object.

*/ inline bool GetBucketKeyEnabled() const{ return m_bucketKeyEnabled; } inline bool BucketKeyEnabledHasBeenSet() const { return m_bucketKeyEnabledHasBeenSet; } inline void SetBucketKeyEnabled(bool value) { m_bucketKeyEnabledHasBeenSet = true; m_bucketKeyEnabled = value; } inline CreateSessionRequest& WithBucketKeyEnabled(bool value) { SetBucketKeyEnabled(value); return *this;} ///@} ///@{ inline const Aws::Map& GetCustomizedAccessLogTag() const{ return m_customizedAccessLogTag; } inline bool CustomizedAccessLogTagHasBeenSet() const { return m_customizedAccessLogTagHasBeenSet; } inline void SetCustomizedAccessLogTag(const Aws::Map& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag = value; } inline void SetCustomizedAccessLogTag(Aws::Map&& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag = std::move(value); } inline CreateSessionRequest& WithCustomizedAccessLogTag(const Aws::Map& value) { SetCustomizedAccessLogTag(value); return *this;} inline CreateSessionRequest& WithCustomizedAccessLogTag(Aws::Map&& value) { SetCustomizedAccessLogTag(std::move(value)); return *this;} inline CreateSessionRequest& AddCustomizedAccessLogTag(const Aws::String& key, const Aws::String& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(key, value); return *this; } inline CreateSessionRequest& AddCustomizedAccessLogTag(Aws::String&& key, const Aws::String& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(std::move(key), value); return *this; } inline CreateSessionRequest& AddCustomizedAccessLogTag(const Aws::String& key, Aws::String&& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(key, std::move(value)); return *this; } inline CreateSessionRequest& AddCustomizedAccessLogTag(Aws::String&& key, Aws::String&& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(std::move(key), std::move(value)); return *this; } inline CreateSessionRequest& AddCustomizedAccessLogTag(const char* key, Aws::String&& value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(key, std::move(value)); return *this; } inline CreateSessionRequest& AddCustomizedAccessLogTag(Aws::String&& key, const char* value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(std::move(key), value); return *this; } inline CreateSessionRequest& AddCustomizedAccessLogTag(const char* key, const char* value) { m_customizedAccessLogTagHasBeenSet = true; m_customizedAccessLogTag.emplace(key, value); return *this; } ///@} private: SessionMode m_sessionMode; bool m_sessionModeHasBeenSet = false; Aws::String m_bucket; bool m_bucketHasBeenSet = false; ServerSideEncryption m_serverSideEncryption; bool m_serverSideEncryptionHasBeenSet = false; Aws::String m_sSEKMSKeyId; bool m_sSEKMSKeyIdHasBeenSet = false; Aws::String m_sSEKMSEncryptionContext; bool m_sSEKMSEncryptionContextHasBeenSet = false; bool m_bucketKeyEnabled; bool m_bucketKeyEnabledHasBeenSet = false; Aws::Map m_customizedAccessLogTag; bool m_customizedAccessLogTagHasBeenSet = false; }; } // namespace Model } // namespace S3 } // namespace Aws