paymentcryptography

package
v0.0.0-...-ae22146 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 16, 2024 License: Apache-2.0, Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package paymentcryptography provides the client and types for making API requests to Payment Cryptography Control Plane.

You use the Amazon Web Services Payment Cryptography Control Plane to manage the encryption keys you use for payment-related cryptographic operations. You can create, import, export, share, manage, and delete keys. You can also manage Identity and Access Management (IAM) policies for keys. For more information, see Identity and access management (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security-iam.html) in the Amazon Web Services Payment Cryptography User Guide.

To use encryption keys for payment-related transaction processing and associated cryptographic operations, you use the Amazon Web Services Payment Cryptography Data Plane (https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/Welcome.html). You can encrypt, decrypt, generate, verify, and translate payment-related cryptographic operations.

All Amazon Web Services Payment Cryptography API calls must be signed and transmitted using Transport Layer Security (TLS). We recommend you always use the latest supported TLS version for logging API requests.

Amazon Web Services Payment Cryptography supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the information collected by CloudTrail, you can determine what requests were made to Amazon Web Services Payment Cryptography, who made the request, when it was made, and so on. If you don't configure a trail, you can still view the most recent events in the CloudTrail console. For more information, see the CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/).

See https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14 for more information on this service.

See paymentcryptography package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/paymentcryptography/

Using the Client

To contact Payment Cryptography Control Plane with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the Payment Cryptography Control Plane client PaymentCryptography for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/paymentcryptography/#New

Index

Constants

View Source
const (
	// KeyAlgorithmTdes2key is a KeyAlgorithm enum value
	KeyAlgorithmTdes2key = "TDES_2KEY"

	// KeyAlgorithmTdes3key is a KeyAlgorithm enum value
	KeyAlgorithmTdes3key = "TDES_3KEY"

	// KeyAlgorithmAes128 is a KeyAlgorithm enum value
	KeyAlgorithmAes128 = "AES_128"

	// KeyAlgorithmAes192 is a KeyAlgorithm enum value
	KeyAlgorithmAes192 = "AES_192"

	// KeyAlgorithmAes256 is a KeyAlgorithm enum value
	KeyAlgorithmAes256 = "AES_256"

	// KeyAlgorithmRsa2048 is a KeyAlgorithm enum value
	KeyAlgorithmRsa2048 = "RSA_2048"

	// KeyAlgorithmRsa3072 is a KeyAlgorithm enum value
	KeyAlgorithmRsa3072 = "RSA_3072"

	// KeyAlgorithmRsa4096 is a KeyAlgorithm enum value
	KeyAlgorithmRsa4096 = "RSA_4096"
)
View Source
const (
	// KeyCheckValueAlgorithmCmac is a KeyCheckValueAlgorithm enum value
	KeyCheckValueAlgorithmCmac = "CMAC"

	// KeyCheckValueAlgorithmAnsiX924 is a KeyCheckValueAlgorithm enum value
	KeyCheckValueAlgorithmAnsiX924 = "ANSI_X9_24"
)
View Source
const (
	// KeyClassSymmetricKey is a KeyClass enum value
	KeyClassSymmetricKey = "SYMMETRIC_KEY"

	// KeyClassAsymmetricKeyPair is a KeyClass enum value
	KeyClassAsymmetricKeyPair = "ASYMMETRIC_KEY_PAIR"

	// KeyClassPrivateKey is a KeyClass enum value
	KeyClassPrivateKey = "PRIVATE_KEY"

	// KeyClassPublicKey is a KeyClass enum value
	KeyClassPublicKey = "PUBLIC_KEY"
)
View Source
const (
	// KeyMaterialTypeTr34KeyBlock is a KeyMaterialType enum value
	KeyMaterialTypeTr34KeyBlock = "TR34_KEY_BLOCK"

	// KeyMaterialTypeTr31KeyBlock is a KeyMaterialType enum value
	KeyMaterialTypeTr31KeyBlock = "TR31_KEY_BLOCK"

	// KeyMaterialTypeRootPublicKeyCertificate is a KeyMaterialType enum value
	KeyMaterialTypeRootPublicKeyCertificate = "ROOT_PUBLIC_KEY_CERTIFICATE"

	// KeyMaterialTypeTrustedPublicKeyCertificate is a KeyMaterialType enum value
	KeyMaterialTypeTrustedPublicKeyCertificate = "TRUSTED_PUBLIC_KEY_CERTIFICATE"
)
View Source
const (
	// KeyOriginExternal is a KeyOrigin enum value
	KeyOriginExternal = "EXTERNAL"

	// KeyOriginAwsPaymentCryptography is a KeyOrigin enum value
	KeyOriginAwsPaymentCryptography = "AWS_PAYMENT_CRYPTOGRAPHY"
)

Defines the source of a key

View Source
const (
	// KeyStateCreateInProgress is a KeyState enum value
	KeyStateCreateInProgress = "CREATE_IN_PROGRESS"

	// KeyStateCreateComplete is a KeyState enum value
	KeyStateCreateComplete = "CREATE_COMPLETE"

	// KeyStateDeletePending is a KeyState enum value
	KeyStateDeletePending = "DELETE_PENDING"

	// KeyStateDeleteComplete is a KeyState enum value
	KeyStateDeleteComplete = "DELETE_COMPLETE"
)

Defines the state of a key

View Source
const (
	// KeyUsageTr31B0BaseDerivationKey is a KeyUsage enum value
	KeyUsageTr31B0BaseDerivationKey = "TR31_B0_BASE_DERIVATION_KEY"

	// KeyUsageTr31C0CardVerificationKey is a KeyUsage enum value
	KeyUsageTr31C0CardVerificationKey = "TR31_C0_CARD_VERIFICATION_KEY"

	// KeyUsageTr31D0SymmetricDataEncryptionKey is a KeyUsage enum value
	KeyUsageTr31D0SymmetricDataEncryptionKey = "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY"

	// KeyUsageTr31D1AsymmetricKeyForDataEncryption is a KeyUsage enum value
	KeyUsageTr31D1AsymmetricKeyForDataEncryption = "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION"

	// KeyUsageTr31E0EmvMkeyAppCryptograms is a KeyUsage enum value
	KeyUsageTr31E0EmvMkeyAppCryptograms = "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS"

	// KeyUsageTr31E1EmvMkeyConfidentiality is a KeyUsage enum value
	KeyUsageTr31E1EmvMkeyConfidentiality = "TR31_E1_EMV_MKEY_CONFIDENTIALITY"

	// KeyUsageTr31E2EmvMkeyIntegrity is a KeyUsage enum value
	KeyUsageTr31E2EmvMkeyIntegrity = "TR31_E2_EMV_MKEY_INTEGRITY"

	// KeyUsageTr31E4EmvMkeyDynamicNumbers is a KeyUsage enum value
	KeyUsageTr31E4EmvMkeyDynamicNumbers = "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS"

	// KeyUsageTr31E5EmvMkeyCardPersonalization is a KeyUsage enum value
	KeyUsageTr31E5EmvMkeyCardPersonalization = "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION"

	// KeyUsageTr31E6EmvMkeyOther is a KeyUsage enum value
	KeyUsageTr31E6EmvMkeyOther = "TR31_E6_EMV_MKEY_OTHER"

	// KeyUsageTr31K0KeyEncryptionKey is a KeyUsage enum value
	KeyUsageTr31K0KeyEncryptionKey = "TR31_K0_KEY_ENCRYPTION_KEY"

	// KeyUsageTr31K1KeyBlockProtectionKey is a KeyUsage enum value
	KeyUsageTr31K1KeyBlockProtectionKey = "TR31_K1_KEY_BLOCK_PROTECTION_KEY"

	// KeyUsageTr31K3AsymmetricKeyForKeyAgreement is a KeyUsage enum value
	KeyUsageTr31K3AsymmetricKeyForKeyAgreement = "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT"

	// KeyUsageTr31M3Iso97973MacKey is a KeyUsage enum value
	KeyUsageTr31M3Iso97973MacKey = "TR31_M3_ISO_9797_3_MAC_KEY"

	// KeyUsageTr31M6Iso97975CmacKey is a KeyUsage enum value
	KeyUsageTr31M6Iso97975CmacKey = "TR31_M6_ISO_9797_5_CMAC_KEY"

	// KeyUsageTr31M7HmacKey is a KeyUsage enum value
	KeyUsageTr31M7HmacKey = "TR31_M7_HMAC_KEY"

	// KeyUsageTr31P0PinEncryptionKey is a KeyUsage enum value
	KeyUsageTr31P0PinEncryptionKey = "TR31_P0_PIN_ENCRYPTION_KEY"

	// KeyUsageTr31P1PinGenerationKey is a KeyUsage enum value
	KeyUsageTr31P1PinGenerationKey = "TR31_P1_PIN_GENERATION_KEY"

	// KeyUsageTr31S0AsymmetricKeyForDigitalSignature is a KeyUsage enum value
	KeyUsageTr31S0AsymmetricKeyForDigitalSignature = "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE"

	// KeyUsageTr31V1Ibm3624PinVerificationKey is a KeyUsage enum value
	KeyUsageTr31V1Ibm3624PinVerificationKey = "TR31_V1_IBM3624_PIN_VERIFICATION_KEY"

	// KeyUsageTr31V2VisaPinVerificationKey is a KeyUsage enum value
	KeyUsageTr31V2VisaPinVerificationKey = "TR31_V2_VISA_PIN_VERIFICATION_KEY"

	// KeyUsageTr31K2Tr34AsymmetricKey is a KeyUsage enum value
	KeyUsageTr31K2Tr34AsymmetricKey = "TR31_K2_TR34_ASYMMETRIC_KEY"
)
View Source
const (
	// WrappedKeyMaterialFormatKeyCryptogram is a WrappedKeyMaterialFormat enum value
	WrappedKeyMaterialFormatKeyCryptogram = "KEY_CRYPTOGRAM"

	// WrappedKeyMaterialFormatTr31KeyBlock is a WrappedKeyMaterialFormat enum value
	WrappedKeyMaterialFormatTr31KeyBlock = "TR31_KEY_BLOCK"

	// WrappedKeyMaterialFormatTr34KeyBlock is a WrappedKeyMaterialFormat enum value
	WrappedKeyMaterialFormatTr34KeyBlock = "TR34_KEY_BLOCK"
)
View Source
const (

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// You do not have sufficient access to perform this action.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeConflictException for service response error code
	// "ConflictException".
	//
	// This request can cause an inconsistent state for the resource.
	ErrCodeConflictException = "ConflictException"

	// ErrCodeInternalServerException for service response error code
	// "InternalServerException".
	//
	// The request processing has failed because of an unknown error, exception,
	// or failure.
	ErrCodeInternalServerException = "InternalServerException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// The request was denied due to an invalid resource error.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"

	// ErrCodeServiceQuotaExceededException for service response error code
	// "ServiceQuotaExceededException".
	//
	// This request would cause a service quota to be exceeded.
	ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException"

	// ErrCodeServiceUnavailableException for service response error code
	// "ServiceUnavailableException".
	//
	// The service cannot complete the request.
	ErrCodeServiceUnavailableException = "ServiceUnavailableException"

	// ErrCodeThrottlingException for service response error code
	// "ThrottlingException".
	//
	// The request was denied due to request throttling.
	ErrCodeThrottlingException = "ThrottlingException"

	// ErrCodeValidationException for service response error code
	// "ValidationException".
	//
	// The request was denied due to an invalid request error.
	ErrCodeValidationException = "ValidationException"
)
View Source
const (
	ServiceName = "Payment Cryptography"              // Name of service.
	EndpointsID = "controlplane.payment-cryptography" // ID to lookup a service endpoint with.
	ServiceID   = "Payment Cryptography"              // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source
const (
	// Tr34KeyBlockFormatX9Tr342012 is a Tr34KeyBlockFormat enum value
	Tr34KeyBlockFormatX9Tr342012 = "X9_TR34_2012"
)

Variables

This section is empty.

Functions

func KeyAlgorithm_Values

func KeyAlgorithm_Values() []string

KeyAlgorithm_Values returns all elements of the KeyAlgorithm enum

func KeyCheckValueAlgorithm_Values

func KeyCheckValueAlgorithm_Values() []string

KeyCheckValueAlgorithm_Values returns all elements of the KeyCheckValueAlgorithm enum

func KeyClass_Values

func KeyClass_Values() []string

KeyClass_Values returns all elements of the KeyClass enum

func KeyMaterialType_Values

func KeyMaterialType_Values() []string

KeyMaterialType_Values returns all elements of the KeyMaterialType enum

func KeyOrigin_Values

func KeyOrigin_Values() []string

KeyOrigin_Values returns all elements of the KeyOrigin enum

func KeyState_Values

func KeyState_Values() []string

KeyState_Values returns all elements of the KeyState enum

func KeyUsage_Values

func KeyUsage_Values() []string

KeyUsage_Values returns all elements of the KeyUsage enum

func Tr34KeyBlockFormat_Values

func Tr34KeyBlockFormat_Values() []string

Tr34KeyBlockFormat_Values returns all elements of the Tr34KeyBlockFormat enum

func WrappedKeyMaterialFormat_Values

func WrappedKeyMaterialFormat_Values() []string

WrappedKeyMaterialFormat_Values returns all elements of the WrappedKeyMaterialFormat enum

Types

type AccessDeniedException

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

You do not have sufficient access to perform this action.

func (*AccessDeniedException) Code

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString

func (s AccessDeniedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessDeniedException) Message

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String

func (s AccessDeniedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Alias

type Alias struct {

	// A friendly name that you can use to refer to a key. The value must begin
	// with alias/.
	//
	// Do not include confidential or sensitive information in this field. This
	// field may be displayed in plaintext in CloudTrail logs and other output.
	//
	// AliasName is a required field
	AliasName *string `min:"7" type:"string" required:"true"`

	// The KeyARN of the key associated with the alias.
	KeyArn *string `min:"70" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an alias.

func (Alias) GoString

func (s Alias) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Alias) SetAliasName

func (s *Alias) SetAliasName(v string) *Alias

SetAliasName sets the AliasName field's value.

func (*Alias) SetKeyArn

func (s *Alias) SetKeyArn(v string) *Alias

SetKeyArn sets the KeyArn field's value.

func (Alias) String

func (s Alias) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConflictException

type ConflictException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

This request can cause an inconsistent state for the resource.

func (*ConflictException) Code

func (s *ConflictException) Code() string

Code returns the exception type name.

func (*ConflictException) Error

func (s *ConflictException) Error() string

func (ConflictException) GoString

func (s ConflictException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConflictException) Message

func (s *ConflictException) Message() string

Message returns the exception's message.

func (*ConflictException) OrigErr

func (s *ConflictException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConflictException) RequestID

func (s *ConflictException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConflictException) StatusCode

func (s *ConflictException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConflictException) String

func (s ConflictException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateAliasInput

type CreateAliasInput struct {

	// A friendly name that you can use to refer a key. An alias must begin with
	// alias/ followed by a name, for example alias/ExampleAlias. It can contain
	// only alphanumeric characters, forward slashes (/), underscores (_), and dashes
	// (-).
	//
	// Don't include confidential or sensitive information in this field. This field
	// may be displayed in plaintext in CloudTrail logs and other output.
	//
	// AliasName is a required field
	AliasName *string `min:"7" type:"string" required:"true"`

	// The KeyARN of the key to associate with the alias.
	KeyArn *string `min:"70" type:"string"`
	// contains filtered or unexported fields
}

func (CreateAliasInput) GoString

func (s CreateAliasInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAliasInput) SetAliasName

func (s *CreateAliasInput) SetAliasName(v string) *CreateAliasInput

SetAliasName sets the AliasName field's value.

func (*CreateAliasInput) SetKeyArn

func (s *CreateAliasInput) SetKeyArn(v string) *CreateAliasInput

SetKeyArn sets the KeyArn field's value.

func (CreateAliasInput) String

func (s CreateAliasInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAliasInput) Validate

func (s *CreateAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAliasOutput

type CreateAliasOutput struct {

	// The alias for the key.
	//
	// Alias is a required field
	Alias *Alias `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (CreateAliasOutput) GoString

func (s CreateAliasOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAliasOutput) SetAlias

func (s *CreateAliasOutput) SetAlias(v *Alias) *CreateAliasOutput

SetAlias sets the Alias field's value.

func (CreateAliasOutput) String

func (s CreateAliasOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateKeyInput

type CreateKeyInput struct {

	// Specifies whether to enable the key. If the key is enabled, it is activated
	// for use within the service. If the key not enabled, then it is created but
	// not activated. The default value is enabled.
	Enabled *bool `type:"boolean"`

	// Specifies whether the key is exportable from the service.
	//
	// Exportable is a required field
	Exportable *bool `type:"boolean" required:"true"`

	// The role of the key, the algorithm it supports, and the cryptographic operations
	// allowed with the key. This data is immutable after the key is created.
	//
	// KeyAttributes is a required field
	KeyAttributes *KeyAttributes `type:"structure" required:"true"`

	// The algorithm that Amazon Web Services Payment Cryptography uses to calculate
	// the key check value (KCV) for DES and AES keys.
	//
	// For DES key, the KCV is computed by encrypting 8 bytes, each with value '00',
	// with the key to be checked and retaining the 3 highest order bytes of the
	// encrypted result. For AES key, the KCV is computed by encrypting 8 bytes,
	// each with value '01', with the key to be checked and retaining the 3 highest
	// order bytes of the encrypted result.
	KeyCheckValueAlgorithm *string `type:"string" enum:"KeyCheckValueAlgorithm"`

	// The tags to attach to the key. Each tag consists of a tag key and a tag value.
	// Both the tag key and the tag value are required, but the tag value can be
	// an empty (null) string. You can't have more than one tag on an Amazon Web
	// Services Payment Cryptography key with the same tag key.
	//
	// To use this parameter, you must have TagResource permission.
	//
	// Don't include confidential or sensitive information in this field. This field
	// may be displayed in plaintext in CloudTrail logs and other output.
	//
	// Tagging or untagging an Amazon Web Services Payment Cryptography key can
	// allow or deny permission to the key.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (CreateKeyInput) GoString

func (s CreateKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateKeyInput) SetEnabled

func (s *CreateKeyInput) SetEnabled(v bool) *CreateKeyInput

SetEnabled sets the Enabled field's value.

func (*CreateKeyInput) SetExportable

func (s *CreateKeyInput) SetExportable(v bool) *CreateKeyInput

SetExportable sets the Exportable field's value.

func (*CreateKeyInput) SetKeyAttributes

func (s *CreateKeyInput) SetKeyAttributes(v *KeyAttributes) *CreateKeyInput

SetKeyAttributes sets the KeyAttributes field's value.

func (*CreateKeyInput) SetKeyCheckValueAlgorithm

func (s *CreateKeyInput) SetKeyCheckValueAlgorithm(v string) *CreateKeyInput

SetKeyCheckValueAlgorithm sets the KeyCheckValueAlgorithm field's value.

func (*CreateKeyInput) SetTags

func (s *CreateKeyInput) SetTags(v []*Tag) *CreateKeyInput

SetTags sets the Tags field's value.

func (CreateKeyInput) String

func (s CreateKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateKeyInput) Validate

func (s *CreateKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateKeyOutput

type CreateKeyOutput struct {

	// The key material that contains all the key attributes.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (CreateKeyOutput) GoString

func (s CreateKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateKeyOutput) SetKey

func (s *CreateKeyOutput) SetKey(v *Key) *CreateKeyOutput

SetKey sets the Key field's value.

func (CreateKeyOutput) String

func (s CreateKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteAliasInput

type DeleteAliasInput struct {

	// A friendly name that you can use to refer Amazon Web Services Payment Cryptography
	// key. This value must begin with alias/ followed by a name, such as alias/ExampleAlias.
	//
	// AliasName is a required field
	AliasName *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteAliasInput) GoString

func (s DeleteAliasInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteAliasInput) SetAliasName

func (s *DeleteAliasInput) SetAliasName(v string) *DeleteAliasInput

SetAliasName sets the AliasName field's value.

func (DeleteAliasInput) String

func (s DeleteAliasInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteAliasInput) Validate

func (s *DeleteAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAliasOutput

type DeleteAliasOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAliasOutput) GoString

func (s DeleteAliasOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteAliasOutput) String

func (s DeleteAliasOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteKeyInput

type DeleteKeyInput struct {

	// The waiting period for key deletion. The default value is seven days.
	DeleteKeyInDays *int64 `min:"3" type:"integer"`

	// The KeyARN of the key that is scheduled for deletion.
	//
	// KeyIdentifier is a required field
	KeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteKeyInput) GoString

func (s DeleteKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteKeyInput) SetDeleteKeyInDays

func (s *DeleteKeyInput) SetDeleteKeyInDays(v int64) *DeleteKeyInput

SetDeleteKeyInDays sets the DeleteKeyInDays field's value.

func (*DeleteKeyInput) SetKeyIdentifier

func (s *DeleteKeyInput) SetKeyIdentifier(v string) *DeleteKeyInput

SetKeyIdentifier sets the KeyIdentifier field's value.

func (DeleteKeyInput) String

func (s DeleteKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteKeyInput) Validate

func (s *DeleteKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteKeyOutput

type DeleteKeyOutput struct {

	// The KeyARN of the key that is scheduled for deletion.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteKeyOutput) GoString

func (s DeleteKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteKeyOutput) SetKey

func (s *DeleteKeyOutput) SetKey(v *Key) *DeleteKeyOutput

SetKey sets the Key field's value.

func (DeleteKeyOutput) String

func (s DeleteKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ExportKeyInput

type ExportKeyInput struct {

	// The KeyARN of the key under export from Amazon Web Services Payment Cryptography.
	//
	// ExportKeyIdentifier is a required field
	ExportKeyIdentifier *string `min:"7" type:"string" required:"true"`

	// The key block format type, for example, TR-34 or TR-31, to use during key
	// material export.
	//
	// KeyMaterial is a required field
	KeyMaterial *ExportKeyMaterial `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (ExportKeyInput) GoString

func (s ExportKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportKeyInput) SetExportKeyIdentifier

func (s *ExportKeyInput) SetExportKeyIdentifier(v string) *ExportKeyInput

SetExportKeyIdentifier sets the ExportKeyIdentifier field's value.

func (*ExportKeyInput) SetKeyMaterial

func (s *ExportKeyInput) SetKeyMaterial(v *ExportKeyMaterial) *ExportKeyInput

SetKeyMaterial sets the KeyMaterial field's value.

func (ExportKeyInput) String

func (s ExportKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportKeyInput) Validate

func (s *ExportKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ExportKeyMaterial

type ExportKeyMaterial struct {

	// Parameter information for key material export using TR-31 standard.
	Tr31KeyBlock *ExportTr31KeyBlock `type:"structure"`

	// Parameter information for key material export using TR-34 standard.
	Tr34KeyBlock *ExportTr34KeyBlock `type:"structure"`
	// contains filtered or unexported fields
}

Parameter information for key material export from Amazon Web Services Payment Cryptography.

func (ExportKeyMaterial) GoString

func (s ExportKeyMaterial) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportKeyMaterial) SetTr31KeyBlock

func (s *ExportKeyMaterial) SetTr31KeyBlock(v *ExportTr31KeyBlock) *ExportKeyMaterial

SetTr31KeyBlock sets the Tr31KeyBlock field's value.

func (*ExportKeyMaterial) SetTr34KeyBlock

func (s *ExportKeyMaterial) SetTr34KeyBlock(v *ExportTr34KeyBlock) *ExportKeyMaterial

SetTr34KeyBlock sets the Tr34KeyBlock field's value.

func (ExportKeyMaterial) String

func (s ExportKeyMaterial) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportKeyMaterial) Validate

func (s *ExportKeyMaterial) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ExportKeyOutput

type ExportKeyOutput struct {

	// The key material under export as a TR-34 or TR-31 wrapped key block.
	WrappedKey *WrappedKey `type:"structure"`
	// contains filtered or unexported fields
}

func (ExportKeyOutput) GoString

func (s ExportKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportKeyOutput) SetWrappedKey

func (s *ExportKeyOutput) SetWrappedKey(v *WrappedKey) *ExportKeyOutput

SetWrappedKey sets the WrappedKey field's value.

func (ExportKeyOutput) String

func (s ExportKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ExportTr31KeyBlock

type ExportTr31KeyBlock struct {

	// The KeyARN of the the wrapping key. This key encrypts or wraps the key under
	// export for TR-31 key block generation.
	//
	// WrappingKeyIdentifier is a required field
	WrappingKeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Parameter information for key material export using TR-31 standard.

func (ExportTr31KeyBlock) GoString

func (s ExportTr31KeyBlock) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportTr31KeyBlock) SetWrappingKeyIdentifier

func (s *ExportTr31KeyBlock) SetWrappingKeyIdentifier(v string) *ExportTr31KeyBlock

SetWrappingKeyIdentifier sets the WrappingKeyIdentifier field's value.

func (ExportTr31KeyBlock) String

func (s ExportTr31KeyBlock) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportTr31KeyBlock) Validate

func (s *ExportTr31KeyBlock) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ExportTr34KeyBlock

type ExportTr34KeyBlock struct {

	// The KeyARN of the certificate chain that signs the wrapping key certificate
	// during TR-34 key export.
	//
	// CertificateAuthorityPublicKeyIdentifier is a required field
	CertificateAuthorityPublicKeyIdentifier *string `min:"7" type:"string" required:"true"`

	// The export token to initiate key export from Amazon Web Services Payment
	// Cryptography. It also contains the signing key certificate that will sign
	// the wrapped key during TR-34 key block generation. Call GetParametersForExport
	// to receive an export token. It expires after 7 days. You can use the same
	// export token to export multiple keys from the same service account.
	//
	// ExportToken is a required field
	ExportToken *string `type:"string" required:"true"`

	// The format of key block that Amazon Web Services Payment Cryptography will
	// use during key export.
	//
	// KeyBlockFormat is a required field
	KeyBlockFormat *string `type:"string" required:"true" enum:"Tr34KeyBlockFormat"`

	// A random number value that is unique to the TR-34 key block generated using
	// 2 pass. The operation will fail, if a random nonce value is not provided
	// for a TR-34 key block generated using 2 pass.
	RandomNonce *string `min:"16" type:"string"`

	// The KeyARN of the wrapping key certificate. Amazon Web Services Payment Cryptography
	// uses this certificate to wrap the key under export.
	//
	// WrappingKeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ExportTr34KeyBlock's
	// String and GoString methods.
	//
	// WrappingKeyCertificate is a required field
	WrappingKeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Parameter information for key material export using TR-34 standard.

func (ExportTr34KeyBlock) GoString

func (s ExportTr34KeyBlock) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportTr34KeyBlock) SetCertificateAuthorityPublicKeyIdentifier

func (s *ExportTr34KeyBlock) SetCertificateAuthorityPublicKeyIdentifier(v string) *ExportTr34KeyBlock

SetCertificateAuthorityPublicKeyIdentifier sets the CertificateAuthorityPublicKeyIdentifier field's value.

func (*ExportTr34KeyBlock) SetExportToken

func (s *ExportTr34KeyBlock) SetExportToken(v string) *ExportTr34KeyBlock

SetExportToken sets the ExportToken field's value.

func (*ExportTr34KeyBlock) SetKeyBlockFormat

func (s *ExportTr34KeyBlock) SetKeyBlockFormat(v string) *ExportTr34KeyBlock

SetKeyBlockFormat sets the KeyBlockFormat field's value.

func (*ExportTr34KeyBlock) SetRandomNonce

func (s *ExportTr34KeyBlock) SetRandomNonce(v string) *ExportTr34KeyBlock

SetRandomNonce sets the RandomNonce field's value.

func (*ExportTr34KeyBlock) SetWrappingKeyCertificate

func (s *ExportTr34KeyBlock) SetWrappingKeyCertificate(v string) *ExportTr34KeyBlock

SetWrappingKeyCertificate sets the WrappingKeyCertificate field's value.

func (ExportTr34KeyBlock) String

func (s ExportTr34KeyBlock) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExportTr34KeyBlock) Validate

func (s *ExportTr34KeyBlock) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetAliasInput

type GetAliasInput struct {

	// The alias of the Amazon Web Services Payment Cryptography key.
	//
	// AliasName is a required field
	AliasName *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetAliasInput) GoString

func (s GetAliasInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAliasInput) SetAliasName

func (s *GetAliasInput) SetAliasName(v string) *GetAliasInput

SetAliasName sets the AliasName field's value.

func (GetAliasInput) String

func (s GetAliasInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAliasInput) Validate

func (s *GetAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetAliasOutput

type GetAliasOutput struct {

	// The alias of the Amazon Web Services Payment Cryptography key.
	//
	// Alias is a required field
	Alias *Alias `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetAliasOutput) GoString

func (s GetAliasOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAliasOutput) SetAlias

func (s *GetAliasOutput) SetAlias(v *Alias) *GetAliasOutput

SetAlias sets the Alias field's value.

func (GetAliasOutput) String

func (s GetAliasOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetKeyInput

type GetKeyInput struct {

	// The KeyARN of the Amazon Web Services Payment Cryptography key.
	//
	// KeyIdentifier is a required field
	KeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetKeyInput) GoString

func (s GetKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetKeyInput) SetKeyIdentifier

func (s *GetKeyInput) SetKeyIdentifier(v string) *GetKeyInput

SetKeyIdentifier sets the KeyIdentifier field's value.

func (GetKeyInput) String

func (s GetKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetKeyInput) Validate

func (s *GetKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetKeyOutput

type GetKeyOutput struct {

	// The key material, including the immutable and mutable data for the key.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetKeyOutput) GoString

func (s GetKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetKeyOutput) SetKey

func (s *GetKeyOutput) SetKey(v *Key) *GetKeyOutput

SetKey sets the Key field's value.

func (GetKeyOutput) String

func (s GetKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetParametersForExportInput

type GetParametersForExportInput struct {

	// The key block format type (for example, TR-34 or TR-31) to use during key
	// material export. Export token is only required for a TR-34 key export, TR34_KEY_BLOCK.
	// Export token is not required for TR-31 key export.
	//
	// KeyMaterialType is a required field
	KeyMaterialType *string `type:"string" required:"true" enum:"KeyMaterialType"`

	// The signing key algorithm to generate a signing key certificate. This certificate
	// signs the wrapped key under export within the TR-34 key block cryptogram.
	// RSA_2048 is the only signing key algorithm allowed.
	//
	// SigningKeyAlgorithm is a required field
	SigningKeyAlgorithm *string `type:"string" required:"true" enum:"KeyAlgorithm"`
	// contains filtered or unexported fields
}

func (GetParametersForExportInput) GoString

func (s GetParametersForExportInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetParametersForExportInput) SetKeyMaterialType

SetKeyMaterialType sets the KeyMaterialType field's value.

func (*GetParametersForExportInput) SetSigningKeyAlgorithm

func (s *GetParametersForExportInput) SetSigningKeyAlgorithm(v string) *GetParametersForExportInput

SetSigningKeyAlgorithm sets the SigningKeyAlgorithm field's value.

func (GetParametersForExportInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetParametersForExportInput) Validate

func (s *GetParametersForExportInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetParametersForExportOutput

type GetParametersForExportOutput struct {

	// The export token to initiate key export from Amazon Web Services Payment
	// Cryptography. The export token expires after 7 days. You can use the same
	// export token to export multiple keys from the same service account.
	//
	// ExportToken is a required field
	ExportToken *string `type:"string" required:"true"`

	// The validity period of the export token.
	//
	// ParametersValidUntilTimestamp is a required field
	ParametersValidUntilTimestamp *time.Time `type:"timestamp" required:"true"`

	// The algorithm of the signing key certificate for use in TR-34 key block generation.
	// RSA_2048 is the only signing key algorithm allowed.
	//
	// SigningKeyAlgorithm is a required field
	SigningKeyAlgorithm *string `type:"string" required:"true" enum:"KeyAlgorithm"`

	// The signing key certificate of the public key for signature within the TR-34
	// key block cryptogram. The certificate expires after 7 days.
	//
	// SigningKeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetParametersForExportOutput's
	// String and GoString methods.
	//
	// SigningKeyCertificate is a required field
	SigningKeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The certificate chain that signed the signing key certificate. This is the
	// root certificate authority (CA) within your service account.
	//
	// SigningKeyCertificateChain is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetParametersForExportOutput's
	// String and GoString methods.
	//
	// SigningKeyCertificateChain is a required field
	SigningKeyCertificateChain *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetParametersForExportOutput) GoString

func (s GetParametersForExportOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetParametersForExportOutput) SetExportToken

SetExportToken sets the ExportToken field's value.

func (*GetParametersForExportOutput) SetParametersValidUntilTimestamp

func (s *GetParametersForExportOutput) SetParametersValidUntilTimestamp(v time.Time) *GetParametersForExportOutput

SetParametersValidUntilTimestamp sets the ParametersValidUntilTimestamp field's value.

func (*GetParametersForExportOutput) SetSigningKeyAlgorithm

SetSigningKeyAlgorithm sets the SigningKeyAlgorithm field's value.

func (*GetParametersForExportOutput) SetSigningKeyCertificate

func (s *GetParametersForExportOutput) SetSigningKeyCertificate(v string) *GetParametersForExportOutput

SetSigningKeyCertificate sets the SigningKeyCertificate field's value.

func (*GetParametersForExportOutput) SetSigningKeyCertificateChain

func (s *GetParametersForExportOutput) SetSigningKeyCertificateChain(v string) *GetParametersForExportOutput

SetSigningKeyCertificateChain sets the SigningKeyCertificateChain field's value.

func (GetParametersForExportOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetParametersForImportInput

type GetParametersForImportInput struct {

	// The key block format type such as TR-34 or TR-31 to use during key material
	// import. Import token is only required for TR-34 key import TR34_KEY_BLOCK.
	// Import token is not required for TR-31 key import.
	//
	// KeyMaterialType is a required field
	KeyMaterialType *string `type:"string" required:"true" enum:"KeyMaterialType"`

	// The wrapping key algorithm to generate a wrapping key certificate. This certificate
	// wraps the key under import within the TR-34 key block cryptogram. RSA_2048
	// is the only wrapping key algorithm allowed.
	//
	// WrappingKeyAlgorithm is a required field
	WrappingKeyAlgorithm *string `type:"string" required:"true" enum:"KeyAlgorithm"`
	// contains filtered or unexported fields
}

func (GetParametersForImportInput) GoString

func (s GetParametersForImportInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetParametersForImportInput) SetKeyMaterialType

SetKeyMaterialType sets the KeyMaterialType field's value.

func (*GetParametersForImportInput) SetWrappingKeyAlgorithm

func (s *GetParametersForImportInput) SetWrappingKeyAlgorithm(v string) *GetParametersForImportInput

SetWrappingKeyAlgorithm sets the WrappingKeyAlgorithm field's value.

func (GetParametersForImportInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetParametersForImportInput) Validate

func (s *GetParametersForImportInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetParametersForImportOutput

type GetParametersForImportOutput struct {

	// The import token to initiate key import into Amazon Web Services Payment
	// Cryptography. The import token expires after 7 days. You can use the same
	// import token to import multiple keys to the same service account.
	//
	// ImportToken is a required field
	ImportToken *string `type:"string" required:"true"`

	// The validity period of the import token.
	//
	// ParametersValidUntilTimestamp is a required field
	ParametersValidUntilTimestamp *time.Time `type:"timestamp" required:"true"`

	// The algorithm of the wrapping key for use within TR-34 key block. RSA_2048
	// is the only wrapping key algorithm allowed.
	//
	// WrappingKeyAlgorithm is a required field
	WrappingKeyAlgorithm *string `type:"string" required:"true" enum:"KeyAlgorithm"`

	// The wrapping key certificate of the wrapping key for use within the TR-34
	// key block. The certificate expires in 7 days.
	//
	// WrappingKeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetParametersForImportOutput's
	// String and GoString methods.
	//
	// WrappingKeyCertificate is a required field
	WrappingKeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The Amazon Web Services Payment Cryptography certificate chain that signed
	// the wrapping key certificate. This is the root certificate authority (CA)
	// within your service account.
	//
	// WrappingKeyCertificateChain is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetParametersForImportOutput's
	// String and GoString methods.
	//
	// WrappingKeyCertificateChain is a required field
	WrappingKeyCertificateChain *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetParametersForImportOutput) GoString

func (s GetParametersForImportOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetParametersForImportOutput) SetImportToken

SetImportToken sets the ImportToken field's value.

func (*GetParametersForImportOutput) SetParametersValidUntilTimestamp

func (s *GetParametersForImportOutput) SetParametersValidUntilTimestamp(v time.Time) *GetParametersForImportOutput

SetParametersValidUntilTimestamp sets the ParametersValidUntilTimestamp field's value.

func (*GetParametersForImportOutput) SetWrappingKeyAlgorithm

func (s *GetParametersForImportOutput) SetWrappingKeyAlgorithm(v string) *GetParametersForImportOutput

SetWrappingKeyAlgorithm sets the WrappingKeyAlgorithm field's value.

func (*GetParametersForImportOutput) SetWrappingKeyCertificate

func (s *GetParametersForImportOutput) SetWrappingKeyCertificate(v string) *GetParametersForImportOutput

SetWrappingKeyCertificate sets the WrappingKeyCertificate field's value.

func (*GetParametersForImportOutput) SetWrappingKeyCertificateChain

func (s *GetParametersForImportOutput) SetWrappingKeyCertificateChain(v string) *GetParametersForImportOutput

SetWrappingKeyCertificateChain sets the WrappingKeyCertificateChain field's value.

func (GetParametersForImportOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPublicKeyCertificateInput

type GetPublicKeyCertificateInput struct {

	// The KeyARN of the asymmetric key pair.
	//
	// KeyIdentifier is a required field
	KeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPublicKeyCertificateInput) GoString

func (s GetPublicKeyCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPublicKeyCertificateInput) SetKeyIdentifier

SetKeyIdentifier sets the KeyIdentifier field's value.

func (GetPublicKeyCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPublicKeyCertificateInput) Validate

func (s *GetPublicKeyCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPublicKeyCertificateOutput

type GetPublicKeyCertificateOutput struct {

	// The public key component of the asymmetric key pair in a certificate (PEM)
	// format. It is signed by the root certificate authority (CA) within your service
	// account. The certificate expires in 90 days.
	//
	// KeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPublicKeyCertificateOutput's
	// String and GoString methods.
	//
	// KeyCertificate is a required field
	KeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The certificate chain that signed the public key certificate of the asymmetric
	// key pair. This is the root certificate authority (CA) within your service
	// account.
	//
	// KeyCertificateChain is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPublicKeyCertificateOutput's
	// String and GoString methods.
	//
	// KeyCertificateChain is a required field
	KeyCertificateChain *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetPublicKeyCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPublicKeyCertificateOutput) SetKeyCertificate

SetKeyCertificate sets the KeyCertificate field's value.

func (*GetPublicKeyCertificateOutput) SetKeyCertificateChain

SetKeyCertificateChain sets the KeyCertificateChain field's value.

func (GetPublicKeyCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ImportKeyInput

type ImportKeyInput struct {

	// Specifies whether import key is enabled.
	Enabled *bool `type:"boolean"`

	// The algorithm that Amazon Web Services Payment Cryptography uses to calculate
	// the key check value (KCV) for DES and AES keys.
	//
	// For DES key, the KCV is computed by encrypting 8 bytes, each with value '00',
	// with the key to be checked and retaining the 3 highest order bytes of the
	// encrypted result. For AES key, the KCV is computed by encrypting 8 bytes,
	// each with value '01', with the key to be checked and retaining the 3 highest
	// order bytes of the encrypted result.
	KeyCheckValueAlgorithm *string `type:"string" enum:"KeyCheckValueAlgorithm"`

	// The key or public key certificate type to use during key material import,
	// for example TR-34 or RootCertificatePublicKey.
	//
	// KeyMaterial is a required field
	KeyMaterial *ImportKeyMaterial `type:"structure" required:"true"`

	// The tags to attach to the key. Each tag consists of a tag key and a tag value.
	// Both the tag key and the tag value are required, but the tag value can be
	// an empty (null) string. You can't have more than one tag on an Amazon Web
	// Services Payment Cryptography key with the same tag key.
	//
	// You can't have more than one tag on an Amazon Web Services Payment Cryptography
	// key with the same tag key. If you specify an existing tag key with a different
	// tag value, Amazon Web Services Payment Cryptography replaces the current
	// tag value with the specified one.
	//
	// To use this parameter, you must have TagResource permission.
	//
	// Don't include confidential or sensitive information in this field. This field
	// may be displayed in plaintext in CloudTrail logs and other output.
	//
	// Tagging or untagging an Amazon Web Services Payment Cryptography key can
	// allow or deny permission to the key.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (ImportKeyInput) GoString

func (s ImportKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportKeyInput) SetEnabled

func (s *ImportKeyInput) SetEnabled(v bool) *ImportKeyInput

SetEnabled sets the Enabled field's value.

func (*ImportKeyInput) SetKeyCheckValueAlgorithm

func (s *ImportKeyInput) SetKeyCheckValueAlgorithm(v string) *ImportKeyInput

SetKeyCheckValueAlgorithm sets the KeyCheckValueAlgorithm field's value.

func (*ImportKeyInput) SetKeyMaterial

func (s *ImportKeyInput) SetKeyMaterial(v *ImportKeyMaterial) *ImportKeyInput

SetKeyMaterial sets the KeyMaterial field's value.

func (*ImportKeyInput) SetTags

func (s *ImportKeyInput) SetTags(v []*Tag) *ImportKeyInput

SetTags sets the Tags field's value.

func (ImportKeyInput) String

func (s ImportKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportKeyInput) Validate

func (s *ImportKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ImportKeyMaterial

type ImportKeyMaterial struct {

	// Parameter information for root public key certificate import.
	RootCertificatePublicKey *RootCertificatePublicKey `type:"structure"`

	// Parameter information for key material import using TR-31 standard.
	Tr31KeyBlock *ImportTr31KeyBlock `type:"structure"`

	// Parameter information for key material import using TR-34 standard.
	Tr34KeyBlock *ImportTr34KeyBlock `type:"structure"`

	// Parameter information for trusted public key certificate import.
	TrustedCertificatePublicKey *TrustedCertificatePublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Parameter information for key material import.

func (ImportKeyMaterial) GoString

func (s ImportKeyMaterial) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportKeyMaterial) SetRootCertificatePublicKey

func (s *ImportKeyMaterial) SetRootCertificatePublicKey(v *RootCertificatePublicKey) *ImportKeyMaterial

SetRootCertificatePublicKey sets the RootCertificatePublicKey field's value.

func (*ImportKeyMaterial) SetTr31KeyBlock

func (s *ImportKeyMaterial) SetTr31KeyBlock(v *ImportTr31KeyBlock) *ImportKeyMaterial

SetTr31KeyBlock sets the Tr31KeyBlock field's value.

func (*ImportKeyMaterial) SetTr34KeyBlock

func (s *ImportKeyMaterial) SetTr34KeyBlock(v *ImportTr34KeyBlock) *ImportKeyMaterial

SetTr34KeyBlock sets the Tr34KeyBlock field's value.

func (*ImportKeyMaterial) SetTrustedCertificatePublicKey

func (s *ImportKeyMaterial) SetTrustedCertificatePublicKey(v *TrustedCertificatePublicKey) *ImportKeyMaterial

SetTrustedCertificatePublicKey sets the TrustedCertificatePublicKey field's value.

func (ImportKeyMaterial) String

func (s ImportKeyMaterial) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportKeyMaterial) Validate

func (s *ImportKeyMaterial) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ImportKeyOutput

type ImportKeyOutput struct {

	// The KeyARN of the key material imported within Amazon Web Services Payment
	// Cryptography.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (ImportKeyOutput) GoString

func (s ImportKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportKeyOutput) SetKey

func (s *ImportKeyOutput) SetKey(v *Key) *ImportKeyOutput

SetKey sets the Key field's value.

func (ImportKeyOutput) String

func (s ImportKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ImportTr31KeyBlock

type ImportTr31KeyBlock struct {

	// The TR-34 wrapped key block to import.
	//
	// WrappedKeyBlock is a required field
	WrappedKeyBlock *string `min:"56" type:"string" required:"true"`

	// The KeyARN of the key that will decrypt or unwrap a TR-31 key block during
	// import.
	//
	// WrappingKeyIdentifier is a required field
	WrappingKeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Parameter information for key material import using TR-31 standard.

func (ImportTr31KeyBlock) GoString

func (s ImportTr31KeyBlock) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportTr31KeyBlock) SetWrappedKeyBlock

func (s *ImportTr31KeyBlock) SetWrappedKeyBlock(v string) *ImportTr31KeyBlock

SetWrappedKeyBlock sets the WrappedKeyBlock field's value.

func (*ImportTr31KeyBlock) SetWrappingKeyIdentifier

func (s *ImportTr31KeyBlock) SetWrappingKeyIdentifier(v string) *ImportTr31KeyBlock

SetWrappingKeyIdentifier sets the WrappingKeyIdentifier field's value.

func (ImportTr31KeyBlock) String

func (s ImportTr31KeyBlock) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportTr31KeyBlock) Validate

func (s *ImportTr31KeyBlock) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ImportTr34KeyBlock

type ImportTr34KeyBlock struct {

	// The KeyARN of the certificate chain that signs the signing key certificate
	// during TR-34 key import.
	//
	// CertificateAuthorityPublicKeyIdentifier is a required field
	CertificateAuthorityPublicKeyIdentifier *string `min:"7" type:"string" required:"true"`

	// The import token that initiates key import into Amazon Web Services Payment
	// Cryptography. It expires after 7 days. You can use the same import token
	// to import multiple keys to the same service account.
	//
	// ImportToken is a required field
	ImportToken *string `type:"string" required:"true"`

	// The key block format to use during key import. The only value allowed is
	// X9_TR34_2012.
	//
	// KeyBlockFormat is a required field
	KeyBlockFormat *string `type:"string" required:"true" enum:"Tr34KeyBlockFormat"`

	// A random number value that is unique to the TR-34 key block generated using
	// 2 pass. The operation will fail, if a random nonce value is not provided
	// for a TR-34 key block generated using 2 pass.
	RandomNonce *string `min:"16" type:"string"`

	// The public key component in PEM certificate format of the private key that
	// signs the KDH TR-34 wrapped key block.
	//
	// SigningKeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ImportTr34KeyBlock's
	// String and GoString methods.
	//
	// SigningKeyCertificate is a required field
	SigningKeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The TR-34 wrapped key block to import.
	//
	// WrappedKeyBlock is a required field
	WrappedKeyBlock *string `min:"2" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Parameter information for key material import using TR-34 standard.

func (ImportTr34KeyBlock) GoString

func (s ImportTr34KeyBlock) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportTr34KeyBlock) SetCertificateAuthorityPublicKeyIdentifier

func (s *ImportTr34KeyBlock) SetCertificateAuthorityPublicKeyIdentifier(v string) *ImportTr34KeyBlock

SetCertificateAuthorityPublicKeyIdentifier sets the CertificateAuthorityPublicKeyIdentifier field's value.

func (*ImportTr34KeyBlock) SetImportToken

func (s *ImportTr34KeyBlock) SetImportToken(v string) *ImportTr34KeyBlock

SetImportToken sets the ImportToken field's value.

func (*ImportTr34KeyBlock) SetKeyBlockFormat

func (s *ImportTr34KeyBlock) SetKeyBlockFormat(v string) *ImportTr34KeyBlock

SetKeyBlockFormat sets the KeyBlockFormat field's value.

func (*ImportTr34KeyBlock) SetRandomNonce

func (s *ImportTr34KeyBlock) SetRandomNonce(v string) *ImportTr34KeyBlock

SetRandomNonce sets the RandomNonce field's value.

func (*ImportTr34KeyBlock) SetSigningKeyCertificate

func (s *ImportTr34KeyBlock) SetSigningKeyCertificate(v string) *ImportTr34KeyBlock

SetSigningKeyCertificate sets the SigningKeyCertificate field's value.

func (*ImportTr34KeyBlock) SetWrappedKeyBlock

func (s *ImportTr34KeyBlock) SetWrappedKeyBlock(v string) *ImportTr34KeyBlock

SetWrappedKeyBlock sets the WrappedKeyBlock field's value.

func (ImportTr34KeyBlock) String

func (s ImportTr34KeyBlock) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ImportTr34KeyBlock) Validate

func (s *ImportTr34KeyBlock) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type InternalServerException

type InternalServerException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The request processing has failed because of an unknown error, exception, or failure.

func (*InternalServerException) Code

func (s *InternalServerException) Code() string

Code returns the exception type name.

func (*InternalServerException) Error

func (s *InternalServerException) Error() string

func (InternalServerException) GoString

func (s InternalServerException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InternalServerException) Message

func (s *InternalServerException) Message() string

Message returns the exception's message.

func (*InternalServerException) OrigErr

func (s *InternalServerException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InternalServerException) RequestID

func (s *InternalServerException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InternalServerException) StatusCode

func (s *InternalServerException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InternalServerException) String

func (s InternalServerException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Key

type Key struct {

	// The date and time when the key was created.
	//
	// CreateTimestamp is a required field
	CreateTimestamp *time.Time `type:"timestamp" required:"true"`

	// The date and time after which Amazon Web Services Payment Cryptography will
	// delete the key. This value is present only when KeyState is DELETE_PENDING
	// and the key is scheduled for deletion.
	DeletePendingTimestamp *time.Time `type:"timestamp"`

	// The date and time after which Amazon Web Services Payment Cryptography will
	// delete the key. This value is present only when when the KeyState is DELETE_COMPLETE
	// and the Amazon Web Services Payment Cryptography key is deleted.
	DeleteTimestamp *time.Time `type:"timestamp"`

	// Specifies whether the key is enabled.
	//
	// Enabled is a required field
	Enabled *bool `type:"boolean" required:"true"`

	// Specifies whether the key is exportable. This data is immutable after the
	// key is created.
	//
	// Exportable is a required field
	Exportable *bool `type:"boolean" required:"true"`

	// The Amazon Resource Name (ARN) of the key.
	//
	// KeyArn is a required field
	KeyArn *string `min:"70" type:"string" required:"true"`

	// The role of the key, the algorithm it supports, and the cryptographic operations
	// allowed with the key. This data is immutable after the key is created.
	//
	// KeyAttributes is a required field
	KeyAttributes *KeyAttributes `type:"structure" required:"true"`

	// The key check value (KCV) is used to check if all parties holding a given
	// key have the same key or to detect that a key has changed. Amazon Web Services
	// Payment Cryptography calculates the KCV by using standard algorithms, typically
	// by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result
	// to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.
	//
	// KeyCheckValue is a required field
	KeyCheckValue *string `min:"4" type:"string" required:"true"`

	// The algorithm used for calculating key check value (KCV) for DES and AES
	// keys. For a DES key, Amazon Web Services Payment Cryptography computes the
	// KCV by encrypting 8 bytes, each with value '00', with the key to be checked
	// and retaining the 3 highest order bytes of the encrypted result. For an AES
	// key, Amazon Web Services Payment Cryptography computes the KCV by encrypting
	// 8 bytes, each with value '01', with the key to be checked and retaining the
	// 3 highest order bytes of the encrypted result.
	//
	// KeyCheckValueAlgorithm is a required field
	KeyCheckValueAlgorithm *string `type:"string" required:"true" enum:"KeyCheckValueAlgorithm"`

	// The source of the key material. For keys created within Amazon Web Services
	// Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY. For keys imported
	// into Amazon Web Services Payment Cryptography, the value is EXTERNAL.
	//
	// KeyOrigin is a required field
	KeyOrigin *string `type:"string" required:"true" enum:"KeyOrigin"`

	// The state of key that is being created or deleted.
	//
	// KeyState is a required field
	KeyState *string `type:"string" required:"true" enum:"KeyState"`

	// The date and time after which Amazon Web Services Payment Cryptography will
	// start using the key material for cryptographic operations.
	UsageStartTimestamp *time.Time `type:"timestamp"`

	// The date and time after which Amazon Web Services Payment Cryptography will
	// stop using the key material for cryptographic operations.
	UsageStopTimestamp *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Metadata about an Amazon Web Services Payment Cryptography key.

func (Key) GoString

func (s Key) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Key) SetCreateTimestamp

func (s *Key) SetCreateTimestamp(v time.Time) *Key

SetCreateTimestamp sets the CreateTimestamp field's value.

func (*Key) SetDeletePendingTimestamp

func (s *Key) SetDeletePendingTimestamp(v time.Time) *Key

SetDeletePendingTimestamp sets the DeletePendingTimestamp field's value.

func (*Key) SetDeleteTimestamp

func (s *Key) SetDeleteTimestamp(v time.Time) *Key

SetDeleteTimestamp sets the DeleteTimestamp field's value.

func (*Key) SetEnabled

func (s *Key) SetEnabled(v bool) *Key

SetEnabled sets the Enabled field's value.

func (*Key) SetExportable

func (s *Key) SetExportable(v bool) *Key

SetExportable sets the Exportable field's value.

func (*Key) SetKeyArn

func (s *Key) SetKeyArn(v string) *Key

SetKeyArn sets the KeyArn field's value.

func (*Key) SetKeyAttributes

func (s *Key) SetKeyAttributes(v *KeyAttributes) *Key

SetKeyAttributes sets the KeyAttributes field's value.

func (*Key) SetKeyCheckValue

func (s *Key) SetKeyCheckValue(v string) *Key

SetKeyCheckValue sets the KeyCheckValue field's value.

func (*Key) SetKeyCheckValueAlgorithm

func (s *Key) SetKeyCheckValueAlgorithm(v string) *Key

SetKeyCheckValueAlgorithm sets the KeyCheckValueAlgorithm field's value.

func (*Key) SetKeyOrigin

func (s *Key) SetKeyOrigin(v string) *Key

SetKeyOrigin sets the KeyOrigin field's value.

func (*Key) SetKeyState

func (s *Key) SetKeyState(v string) *Key

SetKeyState sets the KeyState field's value.

func (*Key) SetUsageStartTimestamp

func (s *Key) SetUsageStartTimestamp(v time.Time) *Key

SetUsageStartTimestamp sets the UsageStartTimestamp field's value.

func (*Key) SetUsageStopTimestamp

func (s *Key) SetUsageStopTimestamp(v time.Time) *Key

SetUsageStopTimestamp sets the UsageStopTimestamp field's value.

func (Key) String

func (s Key) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type KeyAttributes

type KeyAttributes struct {

	// The key algorithm to be use during creation of an Amazon Web Services Payment
	// Cryptography key.
	//
	// For symmetric keys, Amazon Web Services Payment Cryptography supports AES
	// and TDES algorithms. For asymmetric keys, Amazon Web Services Payment Cryptography
	// supports RSA and ECC_NIST algorithms.
	//
	// KeyAlgorithm is a required field
	KeyAlgorithm *string `type:"string" required:"true" enum:"KeyAlgorithm"`

	// The type of Amazon Web Services Payment Cryptography key to create, which
	// determines the classification of the cryptographic method and whether Amazon
	// Web Services Payment Cryptography key contains a symmetric key or an asymmetric
	// key pair.
	//
	// KeyClass is a required field
	KeyClass *string `type:"string" required:"true" enum:"KeyClass"`

	// The list of cryptographic operations that you can perform using the key.
	//
	// KeyModesOfUse is a required field
	KeyModesOfUse *KeyModesOfUse `type:"structure" required:"true"`

	// The cryptographic usage of an Amazon Web Services Payment Cryptography key
	// as defined in section A.5.2 of the TR-31 spec.
	//
	// KeyUsage is a required field
	KeyUsage *string `type:"string" required:"true" enum:"KeyUsage"`
	// contains filtered or unexported fields
}

The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.

func (KeyAttributes) GoString

func (s KeyAttributes) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*KeyAttributes) SetKeyAlgorithm

func (s *KeyAttributes) SetKeyAlgorithm(v string) *KeyAttributes

SetKeyAlgorithm sets the KeyAlgorithm field's value.

func (*KeyAttributes) SetKeyClass

func (s *KeyAttributes) SetKeyClass(v string) *KeyAttributes

SetKeyClass sets the KeyClass field's value.

func (*KeyAttributes) SetKeyModesOfUse

func (s *KeyAttributes) SetKeyModesOfUse(v *KeyModesOfUse) *KeyAttributes

SetKeyModesOfUse sets the KeyModesOfUse field's value.

func (*KeyAttributes) SetKeyUsage

func (s *KeyAttributes) SetKeyUsage(v string) *KeyAttributes

SetKeyUsage sets the KeyUsage field's value.

func (KeyAttributes) String

func (s KeyAttributes) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*KeyAttributes) Validate

func (s *KeyAttributes) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type KeyModesOfUse

type KeyModesOfUse struct {

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to decrypt data.
	Decrypt *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to derive new keys.
	DeriveKey *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to encrypt data.
	Encrypt *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to generate and verify other card and PIN verification keys.
	Generate *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key has no
	// special restrictions other than the restrictions implied by KeyUsage.
	NoRestrictions *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used for signing.
	Sign *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to unwrap other keys.
	Unwrap *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to verify signatures.
	Verify *bool `type:"boolean"`

	// Specifies whether an Amazon Web Services Payment Cryptography key can be
	// used to wrap other keys.
	Wrap *bool `type:"boolean"`
	// contains filtered or unexported fields
}

The list of cryptographic operations that you can perform using the key. The modes of use are defined in section A.5.3 of the TR-31 spec.

func (KeyModesOfUse) GoString

func (s KeyModesOfUse) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*KeyModesOfUse) SetDecrypt

func (s *KeyModesOfUse) SetDecrypt(v bool) *KeyModesOfUse

SetDecrypt sets the Decrypt field's value.

func (*KeyModesOfUse) SetDeriveKey

func (s *KeyModesOfUse) SetDeriveKey(v bool) *KeyModesOfUse

SetDeriveKey sets the DeriveKey field's value.

func (*KeyModesOfUse) SetEncrypt

func (s *KeyModesOfUse) SetEncrypt(v bool) *KeyModesOfUse

SetEncrypt sets the Encrypt field's value.

func (*KeyModesOfUse) SetGenerate

func (s *KeyModesOfUse) SetGenerate(v bool) *KeyModesOfUse

SetGenerate sets the Generate field's value.

func (*KeyModesOfUse) SetNoRestrictions

func (s *KeyModesOfUse) SetNoRestrictions(v bool) *KeyModesOfUse

SetNoRestrictions sets the NoRestrictions field's value.

func (*KeyModesOfUse) SetSign

func (s *KeyModesOfUse) SetSign(v bool) *KeyModesOfUse

SetSign sets the Sign field's value.

func (*KeyModesOfUse) SetUnwrap

func (s *KeyModesOfUse) SetUnwrap(v bool) *KeyModesOfUse

SetUnwrap sets the Unwrap field's value.

func (*KeyModesOfUse) SetVerify

func (s *KeyModesOfUse) SetVerify(v bool) *KeyModesOfUse

SetVerify sets the Verify field's value.

func (*KeyModesOfUse) SetWrap

func (s *KeyModesOfUse) SetWrap(v bool) *KeyModesOfUse

SetWrap sets the Wrap field's value.

func (KeyModesOfUse) String

func (s KeyModesOfUse) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type KeySummary

type KeySummary struct {

	// Specifies whether the key is enabled.
	//
	// Enabled is a required field
	Enabled *bool `type:"boolean" required:"true"`

	// Specifies whether the key is exportable. This data is immutable after the
	// key is created.
	//
	// Exportable is a required field
	Exportable *bool `type:"boolean" required:"true"`

	// The Amazon Resource Name (ARN) of the key.
	//
	// KeyArn is a required field
	KeyArn *string `min:"70" type:"string" required:"true"`

	// The role of the key, the algorithm it supports, and the cryptographic operations
	// allowed with the key. This data is immutable after the key is created.
	//
	// KeyAttributes is a required field
	KeyAttributes *KeyAttributes `type:"structure" required:"true"`

	// The key check value (KCV) is used to check if all parties holding a given
	// key have the same key or to detect that a key has changed. Amazon Web Services
	// Payment Cryptography calculates the KCV by using standard algorithms, typically
	// by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result
	// to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.
	//
	// KeyCheckValue is a required field
	KeyCheckValue *string `min:"4" type:"string" required:"true"`

	// The state of an Amazon Web Services Payment Cryptography that is being created
	// or deleted.
	//
	// KeyState is a required field
	KeyState *string `type:"string" required:"true" enum:"KeyState"`
	// contains filtered or unexported fields
}

Metadata about an Amazon Web Services Payment Cryptography key.

func (KeySummary) GoString

func (s KeySummary) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*KeySummary) SetEnabled

func (s *KeySummary) SetEnabled(v bool) *KeySummary

SetEnabled sets the Enabled field's value.

func (*KeySummary) SetExportable

func (s *KeySummary) SetExportable(v bool) *KeySummary

SetExportable sets the Exportable field's value.

func (*KeySummary) SetKeyArn

func (s *KeySummary) SetKeyArn(v string) *KeySummary

SetKeyArn sets the KeyArn field's value.

func (*KeySummary) SetKeyAttributes

func (s *KeySummary) SetKeyAttributes(v *KeyAttributes) *KeySummary

SetKeyAttributes sets the KeyAttributes field's value.

func (*KeySummary) SetKeyCheckValue

func (s *KeySummary) SetKeyCheckValue(v string) *KeySummary

SetKeyCheckValue sets the KeyCheckValue field's value.

func (*KeySummary) SetKeyState

func (s *KeySummary) SetKeyState(v string) *KeySummary

SetKeyState sets the KeyState field's value.

func (KeySummary) String

func (s KeySummary) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListAliasesInput

type ListAliasesInput struct {

	// Use this parameter to specify the maximum number of items to return. When
	// this value is present, Amazon Web Services Payment Cryptography does not
	// return more than the specified number of items, but it might return fewer.
	//
	// This value is optional. If you include a value, it must be between 1 and
	// 100, inclusive. If you do not include a value, it defaults to 50.
	MaxResults *int64 `min:"1" type:"integer"`

	// Use this parameter in a subsequent request after you receive a response with
	// truncated results. Set it to the value of NextToken from the truncated response
	// you just received.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAliasesInput) GoString

func (s ListAliasesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAliasesInput) SetMaxResults

func (s *ListAliasesInput) SetMaxResults(v int64) *ListAliasesInput

SetMaxResults sets the MaxResults field's value.

func (*ListAliasesInput) SetNextToken

func (s *ListAliasesInput) SetNextToken(v string) *ListAliasesInput

SetNextToken sets the NextToken field's value.

func (ListAliasesInput) String

func (s ListAliasesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAliasesInput) Validate

func (s *ListAliasesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAliasesOutput

type ListAliasesOutput struct {

	// The list of aliases. Each alias describes the KeyArn contained within.
	//
	// Aliases is a required field
	Aliases []*Alias `type:"list" required:"true"`

	// The token for the next set of results, or an empty or null value if there
	// are no more results.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAliasesOutput) GoString

func (s ListAliasesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAliasesOutput) SetAliases

func (s *ListAliasesOutput) SetAliases(v []*Alias) *ListAliasesOutput

SetAliases sets the Aliases field's value.

func (*ListAliasesOutput) SetNextToken

func (s *ListAliasesOutput) SetNextToken(v string) *ListAliasesOutput

SetNextToken sets the NextToken field's value.

func (ListAliasesOutput) String

func (s ListAliasesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListKeysInput

type ListKeysInput struct {

	// The key state of the keys you want to list.
	KeyState *string `type:"string" enum:"KeyState"`

	// Use this parameter to specify the maximum number of items to return. When
	// this value is present, Amazon Web Services Payment Cryptography does not
	// return more than the specified number of items, but it might return fewer.
	MaxResults *int64 `min:"1" type:"integer"`

	// Use this parameter in a subsequent request after you receive a response with
	// truncated results. Set it to the value of NextToken from the truncated response
	// you just received.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListKeysInput) GoString

func (s ListKeysInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListKeysInput) SetKeyState

func (s *ListKeysInput) SetKeyState(v string) *ListKeysInput

SetKeyState sets the KeyState field's value.

func (*ListKeysInput) SetMaxResults

func (s *ListKeysInput) SetMaxResults(v int64) *ListKeysInput

SetMaxResults sets the MaxResults field's value.

func (*ListKeysInput) SetNextToken

func (s *ListKeysInput) SetNextToken(v string) *ListKeysInput

SetNextToken sets the NextToken field's value.

func (ListKeysInput) String

func (s ListKeysInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListKeysInput) Validate

func (s *ListKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListKeysOutput

type ListKeysOutput struct {

	// The list of keys created within the caller's Amazon Web Services account
	// and Amazon Web Services Region.
	//
	// Keys is a required field
	Keys []*KeySummary `type:"list" required:"true"`

	// The token for the next set of results, or an empty or null value if there
	// are no more results.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListKeysOutput) GoString

func (s ListKeysOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListKeysOutput) SetKeys

func (s *ListKeysOutput) SetKeys(v []*KeySummary) *ListKeysOutput

SetKeys sets the Keys field's value.

func (*ListKeysOutput) SetNextToken

func (s *ListKeysOutput) SetNextToken(v string) *ListKeysOutput

SetNextToken sets the NextToken field's value.

func (ListKeysOutput) String

func (s ListKeysOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListTagsForResourceInput

type ListTagsForResourceInput struct {

	// Use this parameter to specify the maximum number of items to return. When
	// this value is present, Amazon Web Services Payment Cryptography does not
	// return more than the specified number of items, but it might return fewer.
	MaxResults *int64 `min:"1" type:"integer"`

	// Use this parameter in a subsequent request after you receive a response with
	// truncated results. Set it to the value of NextToken from the truncated response
	// you just received.
	NextToken *string `min:"1" type:"string"`

	// The KeyARN of the key whose tags you are getting.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"70" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListTagsForResourceInput) GoString

func (s ListTagsForResourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListTagsForResourceInput) SetMaxResults

SetMaxResults sets the MaxResults field's value.

func (*ListTagsForResourceInput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListTagsForResourceInput) SetResourceArn

SetResourceArn sets the ResourceArn field's value.

func (ListTagsForResourceInput) String

func (s ListTagsForResourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListTagsForResourceInput) Validate

func (s *ListTagsForResourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListTagsForResourceOutput

type ListTagsForResourceOutput struct {

	// The token for the next set of results, or an empty or null value if there
	// are no more results.
	NextToken *string `min:"1" type:"string"`

	// The list of tags associated with a ResourceArn. Each tag will list the key-value
	// pair contained within that tag.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListTagsForResourceOutput) GoString

func (s ListTagsForResourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListTagsForResourceOutput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListTagsForResourceOutput) SetTags

SetTags sets the Tags field's value.

func (ListTagsForResourceOutput) String

func (s ListTagsForResourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PaymentCryptography

type PaymentCryptography struct {
	*client.Client
}

PaymentCryptography provides the API operation methods for making requests to Payment Cryptography Control Plane. See this package's package overview docs for details on the service.

PaymentCryptography methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

New creates a new instance of the PaymentCryptography client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

mySession := session.Must(session.NewSession())

// Create a PaymentCryptography client from just a session.
svc := paymentcryptography.New(mySession)

// Create a PaymentCryptography client with additional configuration
svc := paymentcryptography.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*PaymentCryptography) CreateAlias

func (c *PaymentCryptography) CreateAlias(input *CreateAliasInput) (*CreateAliasOutput, error)

CreateAlias API operation for Payment Cryptography Control Plane.

Creates an alias, or a friendly name, for an Amazon Web Services Payment Cryptography key. You can use an alias to identify a key in the console and when you call cryptographic operations such as EncryptData (https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_EncryptData.html) or DecryptData (https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_DecryptData.html).

You can associate the alias with any key in the same Amazon Web Services Region. Each alias is associated with only one key at a time, but a key can have multiple aliases. You can't create an alias without a key. The alias must be unique in the account and Amazon Web Services Region, but you can create another alias with the same name in a different Amazon Web Services Region.

To change the key that's associated with the alias, call UpdateAlias. To delete the alias, call DeleteAlias. These operations don't affect the underlying key. To get the alias that you created, call ListAliases.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • DeleteAlias

  • GetAlias

  • ListAliases

  • UpdateAlias

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation CreateAlias for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/CreateAlias

func (*PaymentCryptography) CreateAliasRequest

func (c *PaymentCryptography) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, output *CreateAliasOutput)

CreateAliasRequest generates a "aws/request.Request" representing the client's request for the CreateAlias operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAlias for more information on using the CreateAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAliasRequest method.
req, resp := client.CreateAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/CreateAlias

func (*PaymentCryptography) CreateAliasWithContext

func (c *PaymentCryptography) CreateAliasWithContext(ctx aws.Context, input *CreateAliasInput, opts ...request.Option) (*CreateAliasOutput, error)

CreateAliasWithContext is the same as CreateAlias with the addition of the ability to pass a context and additional request options.

See CreateAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) CreateKey

func (c *PaymentCryptography) CreateKey(input *CreateKeyInput) (*CreateKeyOutput, error)

CreateKey API operation for Payment Cryptography Control Plane.

Creates an Amazon Web Services Payment Cryptography key, a logical representation of a cryptographic key, that is unique in your account and Amazon Web Services Region. You use keys for cryptographic functions such as encryption and decryption.

In addition to the key material used in cryptographic operations, an Amazon Web Services Payment Cryptography key includes metadata such as the key ARN, key usage, key origin, creation date, description, and key state.

When you create a key, you specify both immutable and mutable data about the key. The immutable data contains key attributes that defines the scope and cryptographic operations that you can perform using the key, for example key class (example: SYMMETRIC_KEY), key algorithm (example: TDES_2KEY), key usage (example: TR31_P0_PIN_ENCRYPTION_KEY) and key modes of use (example: Encrypt). For information about valid combinations of key attributes, see Understanding key attributes (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html) in the Amazon Web Services Payment Cryptography User Guide. The mutable data contained within a key includes usage timestamp and key deletion timestamp and can be modified after creation.

Amazon Web Services Payment Cryptography binds key attributes to keys using key blocks when you store or export them. Amazon Web Services Payment Cryptography stores the key contents wrapped and never stores or transmits them in the clear.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • DeleteKey

  • GetKey

  • ListKeys

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation CreateKey for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/CreateKey

func (*PaymentCryptography) CreateKeyRequest

func (c *PaymentCryptography) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, output *CreateKeyOutput)

CreateKeyRequest generates a "aws/request.Request" representing the client's request for the CreateKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateKey for more information on using the CreateKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateKeyRequest method.
req, resp := client.CreateKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/CreateKey

func (*PaymentCryptography) CreateKeyWithContext

func (c *PaymentCryptography) CreateKeyWithContext(ctx aws.Context, input *CreateKeyInput, opts ...request.Option) (*CreateKeyOutput, error)

CreateKeyWithContext is the same as CreateKey with the addition of the ability to pass a context and additional request options.

See CreateKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) DeleteAlias

func (c *PaymentCryptography) DeleteAlias(input *DeleteAliasInput) (*DeleteAliasOutput, error)

DeleteAlias API operation for Payment Cryptography Control Plane.

Deletes the alias, but doesn't affect the underlying key.

Each key can have multiple aliases. To get the aliases of all keys, use the ListAliases operation. To change the alias of a key, first use DeleteAlias to delete the current alias and then use CreateAlias to create a new alias. To associate an existing alias with a different key, call UpdateAlias.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • CreateAlias

  • GetAlias

  • ListAliases

  • UpdateAlias

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation DeleteAlias for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteAlias

func (*PaymentCryptography) DeleteAliasRequest

func (c *PaymentCryptography) DeleteAliasRequest(input *DeleteAliasInput) (req *request.Request, output *DeleteAliasOutput)

DeleteAliasRequest generates a "aws/request.Request" representing the client's request for the DeleteAlias operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAlias for more information on using the DeleteAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAliasRequest method.
req, resp := client.DeleteAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteAlias

func (*PaymentCryptography) DeleteAliasWithContext

func (c *PaymentCryptography) DeleteAliasWithContext(ctx aws.Context, input *DeleteAliasInput, opts ...request.Option) (*DeleteAliasOutput, error)

DeleteAliasWithContext is the same as DeleteAlias with the addition of the ability to pass a context and additional request options.

See DeleteAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) DeleteKey

func (c *PaymentCryptography) DeleteKey(input *DeleteKeyInput) (*DeleteKeyOutput, error)

DeleteKey API operation for Payment Cryptography Control Plane.

Deletes the key material and all metadata associated with Amazon Web Services Payment Cryptography key.

Key deletion is irreversible. After a key is deleted, you can't perform cryptographic operations using the key. For example, you can't decrypt data that was encrypted by a deleted Amazon Web Services Payment Cryptography key, and the data may become unrecoverable. Because key deletion is destructive, Amazon Web Services Payment Cryptography has a safety mechanism to prevent accidental deletion of a key. When you call this operation, Amazon Web Services Payment Cryptography disables the specified key but doesn't delete it until after a waiting period. The default waiting period is 7 days. To set a different waiting period, set DeleteKeyInDays. During the waiting period, the KeyState is DELETE_PENDING. After the key is deleted, the KeyState is DELETE_COMPLETE.

If you delete key material, you can use ImportKey to reimport the same key material into the Amazon Web Services Payment Cryptography key.

You should delete a key only when you are sure that you don't need to use it anymore and no other parties are utilizing this key. If you aren't sure, consider deactivating it instead by calling StopKeyUsage.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • RestoreKey

  • StartKeyUsage

  • StopKeyUsage

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation DeleteKey for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteKey

func (*PaymentCryptography) DeleteKeyRequest

func (c *PaymentCryptography) DeleteKeyRequest(input *DeleteKeyInput) (req *request.Request, output *DeleteKeyOutput)

DeleteKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteKey for more information on using the DeleteKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteKeyRequest method.
req, resp := client.DeleteKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteKey

func (*PaymentCryptography) DeleteKeyWithContext

func (c *PaymentCryptography) DeleteKeyWithContext(ctx aws.Context, input *DeleteKeyInput, opts ...request.Option) (*DeleteKeyOutput, error)

DeleteKeyWithContext is the same as DeleteKey with the addition of the ability to pass a context and additional request options.

See DeleteKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ExportKey

func (c *PaymentCryptography) ExportKey(input *ExportKeyInput) (*ExportKeyOutput, error)

ExportKey API operation for Payment Cryptography Control Plane.

Exports a key from Amazon Web Services Payment Cryptography using either ANSI X9 TR-34 or TR-31 key export standard.

Amazon Web Services Payment Cryptography simplifies main or root key exchange process by eliminating the need of a paper-based key exchange process. It takes a modern and secure approach based of the ANSI X9 TR-34 key exchange standard.

You can use ExportKey to export main or root keys such as KEK (Key Encryption Key), using asymmetric key exchange technique following ANSI X9 TR-34 standard. The ANSI X9 TR-34 standard uses asymmetric keys to establishes bi-directional trust between the two parties exchanging keys. After which you can export working keys using the ANSI X9 TR-31 symmetric key exchange standard as mandated by PCI PIN. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography

TR-34 key export

Amazon Web Services Payment Cryptography uses TR-34 asymmetric key exchange standard to export main keys such as KEK. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Host (KRH). In key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export. KRH is the user receiving the key. Before you initiate TR-34 key export, you must obtain an export token by calling GetParametersForExport. This operation also returns the signing key certificate that KDH uses to sign the wrapped key to generate a TR-34 wrapped key block. The export token expires after 7 days.

Set the following parameters:

CertificateAuthorityPublicKeyIdentifier

The KeyARN of the certificate chain that will sign the wrapping key certificate. This must exist within Amazon Web Services Payment Cryptography before you initiate TR-34 key export. If it does not exist, you can import it by calling ImportKey for RootCertificatePublicKey.

ExportToken

Obtained from KDH by calling GetParametersForExport.

WrappingKeyCertificate

Amazon Web Services Payment Cryptography uses this to wrap the key under export.

When this operation is successful, Amazon Web Services Payment Cryptography returns the TR-34 wrapped key block.

TR-31 key export

Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange standard to export working keys. In TR-31, you must use a main key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can use CreateKey or ImportKey. When this operation is successful, Amazon Web Services Payment Cryptography returns a TR-31 wrapped key block.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • GetParametersForExport

  • ImportKey

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation ExportKey for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKey

func (*PaymentCryptography) ExportKeyRequest

func (c *PaymentCryptography) ExportKeyRequest(input *ExportKeyInput) (req *request.Request, output *ExportKeyOutput)

ExportKeyRequest generates a "aws/request.Request" representing the client's request for the ExportKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ExportKey for more information on using the ExportKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ExportKeyRequest method.
req, resp := client.ExportKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKey

func (*PaymentCryptography) ExportKeyWithContext

func (c *PaymentCryptography) ExportKeyWithContext(ctx aws.Context, input *ExportKeyInput, opts ...request.Option) (*ExportKeyOutput, error)

ExportKeyWithContext is the same as ExportKey with the addition of the ability to pass a context and additional request options.

See ExportKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) GetAlias

func (c *PaymentCryptography) GetAlias(input *GetAliasInput) (*GetAliasOutput, error)

GetAlias API operation for Payment Cryptography Control Plane.

Gets the Amazon Web Services Payment Cryptography key associated with the alias.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • CreateAlias

  • DeleteAlias

  • ListAliases

  • UpdateAlias

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation GetAlias for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetAlias

func (*PaymentCryptography) GetAliasRequest

func (c *PaymentCryptography) GetAliasRequest(input *GetAliasInput) (req *request.Request, output *GetAliasOutput)

GetAliasRequest generates a "aws/request.Request" representing the client's request for the GetAlias operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAlias for more information on using the GetAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAliasRequest method.
req, resp := client.GetAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetAlias

func (*PaymentCryptography) GetAliasWithContext

func (c *PaymentCryptography) GetAliasWithContext(ctx aws.Context, input *GetAliasInput, opts ...request.Option) (*GetAliasOutput, error)

GetAliasWithContext is the same as GetAlias with the addition of the ability to pass a context and additional request options.

See GetAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) GetKey

func (c *PaymentCryptography) GetKey(input *GetKeyInput) (*GetKeyOutput, error)

GetKey API operation for Payment Cryptography Control Plane.

Gets the key material for an Amazon Web Services Payment Cryptography key, including the immutable and mutable data specified when the key was created.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • CreateKey

  • DeleteKey

  • ListKeys

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation GetKey for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetKey

func (*PaymentCryptography) GetKeyRequest

func (c *PaymentCryptography) GetKeyRequest(input *GetKeyInput) (req *request.Request, output *GetKeyOutput)

GetKeyRequest generates a "aws/request.Request" representing the client's request for the GetKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetKey for more information on using the GetKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetKeyRequest method.
req, resp := client.GetKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetKey

func (*PaymentCryptography) GetKeyWithContext

func (c *PaymentCryptography) GetKeyWithContext(ctx aws.Context, input *GetKeyInput, opts ...request.Option) (*GetKeyOutput, error)

GetKeyWithContext is the same as GetKey with the addition of the ability to pass a context and additional request options.

See GetKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) GetParametersForExport

GetParametersForExport API operation for Payment Cryptography Control Plane.

Gets the export token and the signing key certificate to initiate a TR-34 key export from Amazon Web Services Payment Cryptography.

The signing key certificate signs the wrapped key under export within the TR-34 key payload. The export token and signing key certificate must be in place and operational before calling ExportKey. The export token expires in 7 days. You can use the same export token to export multiple keys from your service account.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • ExportKey

  • GetParametersForImport

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation GetParametersForExport for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForExport

func (*PaymentCryptography) GetParametersForExportRequest

func (c *PaymentCryptography) GetParametersForExportRequest(input *GetParametersForExportInput) (req *request.Request, output *GetParametersForExportOutput)

GetParametersForExportRequest generates a "aws/request.Request" representing the client's request for the GetParametersForExport operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetParametersForExport for more information on using the GetParametersForExport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetParametersForExportRequest method.
req, resp := client.GetParametersForExportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForExport

func (*PaymentCryptography) GetParametersForExportWithContext

func (c *PaymentCryptography) GetParametersForExportWithContext(ctx aws.Context, input *GetParametersForExportInput, opts ...request.Option) (*GetParametersForExportOutput, error)

GetParametersForExportWithContext is the same as GetParametersForExport with the addition of the ability to pass a context and additional request options.

See GetParametersForExport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) GetParametersForImport

GetParametersForImport API operation for Payment Cryptography Control Plane.

Gets the import token and the wrapping key certificate to initiate a TR-34 key import into Amazon Web Services Payment Cryptography.

The wrapping key certificate wraps the key under import within the TR-34 key payload. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. The same import token can be used to import multiple keys into your service account.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • GetParametersForExport

  • ImportKey

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation GetParametersForImport for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForImport

func (*PaymentCryptography) GetParametersForImportRequest

func (c *PaymentCryptography) GetParametersForImportRequest(input *GetParametersForImportInput) (req *request.Request, output *GetParametersForImportOutput)

GetParametersForImportRequest generates a "aws/request.Request" representing the client's request for the GetParametersForImport operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetParametersForImport for more information on using the GetParametersForImport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetParametersForImportRequest method.
req, resp := client.GetParametersForImportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForImport

func (*PaymentCryptography) GetParametersForImportWithContext

func (c *PaymentCryptography) GetParametersForImportWithContext(ctx aws.Context, input *GetParametersForImportInput, opts ...request.Option) (*GetParametersForImportOutput, error)

GetParametersForImportWithContext is the same as GetParametersForImport with the addition of the ability to pass a context and additional request options.

See GetParametersForImport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) GetPublicKeyCertificate

GetPublicKeyCertificate API operation for Payment Cryptography Control Plane.

Gets the public key certificate of the asymmetric key pair that exists within Amazon Web Services Payment Cryptography.

Unlike the private key of an asymmetric key, which never leaves Amazon Web Services Payment Cryptography unencrypted, callers with GetPublicKeyCertificate permission can download the public key certificate of the asymmetric key. You can share the public key certificate to allow others to encrypt messages and verify signatures outside of Amazon Web Services Payment Cryptography

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation GetPublicKeyCertificate for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetPublicKeyCertificate

func (*PaymentCryptography) GetPublicKeyCertificateRequest

func (c *PaymentCryptography) GetPublicKeyCertificateRequest(input *GetPublicKeyCertificateInput) (req *request.Request, output *GetPublicKeyCertificateOutput)

GetPublicKeyCertificateRequest generates a "aws/request.Request" representing the client's request for the GetPublicKeyCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPublicKeyCertificate for more information on using the GetPublicKeyCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPublicKeyCertificateRequest method.
req, resp := client.GetPublicKeyCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetPublicKeyCertificate

func (*PaymentCryptography) GetPublicKeyCertificateWithContext

func (c *PaymentCryptography) GetPublicKeyCertificateWithContext(ctx aws.Context, input *GetPublicKeyCertificateInput, opts ...request.Option) (*GetPublicKeyCertificateOutput, error)

GetPublicKeyCertificateWithContext is the same as GetPublicKeyCertificate with the addition of the ability to pass a context and additional request options.

See GetPublicKeyCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ImportKey

func (c *PaymentCryptography) ImportKey(input *ImportKeyInput) (*ImportKeyOutput, error)

ImportKey API operation for Payment Cryptography Control Plane.

Imports keys and public key certificates into Amazon Web Services Payment Cryptography.

Amazon Web Services Payment Cryptography simplifies main or root key exchange process by eliminating the need of a paper-based key exchange process. It takes a modern and secure approach based of the ANSI X9 TR-34 key exchange standard.

You can use ImportKey to import main or root keys such as KEK (Key Encryption Key) using asymmetric key exchange technique following the ANSI X9 TR-34 standard. The ANSI X9 TR-34 standard uses asymmetric keys to establishes bi-directional trust between the two parties exchanging keys.

After you have imported a main or root key, you can import working keys to perform various cryptographic operations within Amazon Web Services Payment Cryptography using the ANSI X9 TR-31 symmetric key exchange standard as mandated by PCI PIN.

You can also import a root public key certificate, a self-signed certificate used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate.

To import a public root key certificate

Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account.

Set the following parameters:

  • KeyMaterial: RootCertificatePublicKey

  • KeyClass: PUBLIC_KEY

  • KeyModesOfUse: Verify

  • KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE

  • PublicKeyCertificate: The certificate authority used to sign the root public key certificate.

To import a trusted public key certificate

The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters:

  • KeyMaterial: TrustedCertificatePublicKey

  • CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey.

  • KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform.

  • PublicKeyCertificate: The certificate authority used to sign the trusted public key certificate.

Import main keys

Amazon Web Services Payment Cryptography uses TR-34 asymmetric key exchange standard to import main keys such as KEK. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Host (KRH). During the key import process, KDH is the user who initiates the key import and KRH is Amazon Web Services Payment Cryptography who receives the key. Before initiating TR-34 key import, you must obtain an import token by calling GetParametersForImport. This operation also returns the wrapping key certificate that KDH uses wrap key under import to generate a TR-34 wrapped key block. The import token expires after 7 days.

Set the following parameters:

  • CertificateAuthorityPublicKeyIdentifier: The KeyArn of the certificate chain that will sign the signing key certificate and should exist within Amazon Web Services Payment Cryptography before initiating TR-34 key import. If it does not exist, you can import it by calling by calling ImportKey for RootCertificatePublicKey.

  • ImportToken: Obtained from KRH by calling GetParametersForImport.

  • WrappedKeyBlock: The TR-34 wrapped key block from KDH. It contains the KDH key under import, wrapped with KRH provided wrapping key certificate and signed by the KDH private signing key. This TR-34 key block is generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography.

  • SigningKeyCertificate: The public component of the private key that signed the KDH TR-34 wrapped key block. In PEM certificate format.

TR-34 is intended primarily to exchange 3DES keys. Your ability to export AES-128 and larger AES keys may be dependent on your source system.

Import working keys

Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange standard to import working keys. A KEK must be established within Amazon Web Services Payment Cryptography by using TR-34 key import. To initiate a TR-31 key import, set the following parameters:

  • WrappedKeyBlock: The key under import and encrypted using KEK. The TR-31 key block generated by your HSM outside of Amazon Web Services Payment Cryptography.

  • WrappingKeyIdentifier: The KeyArn of the KEK that Amazon Web Services Payment Cryptography uses to decrypt or unwrap the key under import.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • ExportKey

  • GetParametersForImport

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation ImportKey for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKey

func (*PaymentCryptography) ImportKeyRequest

func (c *PaymentCryptography) ImportKeyRequest(input *ImportKeyInput) (req *request.Request, output *ImportKeyOutput)

ImportKeyRequest generates a "aws/request.Request" representing the client's request for the ImportKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ImportKey for more information on using the ImportKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ImportKeyRequest method.
req, resp := client.ImportKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKey

func (*PaymentCryptography) ImportKeyWithContext

func (c *PaymentCryptography) ImportKeyWithContext(ctx aws.Context, input *ImportKeyInput, opts ...request.Option) (*ImportKeyOutput, error)

ImportKeyWithContext is the same as ImportKey with the addition of the ability to pass a context and additional request options.

See ImportKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ListAliases

func (c *PaymentCryptography) ListAliases(input *ListAliasesInput) (*ListAliasesOutput, error)

ListAliases API operation for Payment Cryptography Control Plane.

Lists the aliases for all keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the list of aliases. For more information, see Using aliases (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-managealias.html) in the Amazon Web Services Payment Cryptography User Guide.

This is a paginated operation, which means that each response might contain only a subset of all the aliases. When the response contains only a subset of aliases, it includes a NextToken value. Use this value in a subsequent ListAliases request to get more aliases. When you receive a response with no NextToken (or an empty or null value), that means there are no more aliases to get.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • CreateAlias

  • DeleteAlias

  • GetAlias

  • UpdateAlias

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation ListAliases for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListAliases

func (*PaymentCryptography) ListAliasesPages

func (c *PaymentCryptography) ListAliasesPages(input *ListAliasesInput, fn func(*ListAliasesOutput, bool) bool) error

ListAliasesPages iterates over the pages of a ListAliases operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAliases method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAliases operation.
pageNum := 0
err := client.ListAliasesPages(params,
    func(page *paymentcryptography.ListAliasesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*PaymentCryptography) ListAliasesPagesWithContext

func (c *PaymentCryptography) ListAliasesPagesWithContext(ctx aws.Context, input *ListAliasesInput, fn func(*ListAliasesOutput, bool) bool, opts ...request.Option) error

ListAliasesPagesWithContext same as ListAliasesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ListAliasesRequest

func (c *PaymentCryptography) ListAliasesRequest(input *ListAliasesInput) (req *request.Request, output *ListAliasesOutput)

ListAliasesRequest generates a "aws/request.Request" representing the client's request for the ListAliases operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAliases for more information on using the ListAliases API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAliasesRequest method.
req, resp := client.ListAliasesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListAliases

func (*PaymentCryptography) ListAliasesWithContext

func (c *PaymentCryptography) ListAliasesWithContext(ctx aws.Context, input *ListAliasesInput, opts ...request.Option) (*ListAliasesOutput, error)

ListAliasesWithContext is the same as ListAliases with the addition of the ability to pass a context and additional request options.

See ListAliases for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ListKeys

func (c *PaymentCryptography) ListKeys(input *ListKeysInput) (*ListKeysOutput, error)

ListKeys API operation for Payment Cryptography Control Plane.

Lists the keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the list of keys.

This is a paginated operation, which means that each response might contain only a subset of all the keys. When the response contains only a subset of keys, it includes a NextToken value. Use this value in a subsequent ListKeys request to get more keys. When you receive a response with no NextToken (or an empty or null value), that means there are no more keys to get.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • CreateKey

  • DeleteKey

  • GetKey

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation ListKeys for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListKeys

func (*PaymentCryptography) ListKeysPages

func (c *PaymentCryptography) ListKeysPages(input *ListKeysInput, fn func(*ListKeysOutput, bool) bool) error

ListKeysPages iterates over the pages of a ListKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListKeys operation.
pageNum := 0
err := client.ListKeysPages(params,
    func(page *paymentcryptography.ListKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*PaymentCryptography) ListKeysPagesWithContext

func (c *PaymentCryptography) ListKeysPagesWithContext(ctx aws.Context, input *ListKeysInput, fn func(*ListKeysOutput, bool) bool, opts ...request.Option) error

ListKeysPagesWithContext same as ListKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ListKeysRequest

func (c *PaymentCryptography) ListKeysRequest(input *ListKeysInput) (req *request.Request, output *ListKeysOutput)

ListKeysRequest generates a "aws/request.Request" representing the client's request for the ListKeys operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListKeys for more information on using the ListKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListKeysRequest method.
req, resp := client.ListKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListKeys

func (*PaymentCryptography) ListKeysWithContext

func (c *PaymentCryptography) ListKeysWithContext(ctx aws.Context, input *ListKeysInput, opts ...request.Option) (*ListKeysOutput, error)

ListKeysWithContext is the same as ListKeys with the addition of the ability to pass a context and additional request options.

See ListKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ListTagsForResource

ListTagsForResource API operation for Payment Cryptography Control Plane.

Lists the tags for an Amazon Web Services resource.

This is a paginated operation, which means that each response might contain only a subset of all the tags. When the response contains only a subset of tags, it includes a NextToken value. Use this value in a subsequent ListTagsForResource request to get more tags. When you receive a response with no NextToken (or an empty or null value), that means there are no more tags to get.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • TagResource

  • UntagResource

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation ListTagsForResource for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListTagsForResource

func (*PaymentCryptography) ListTagsForResourcePages

func (c *PaymentCryptography) ListTagsForResourcePages(input *ListTagsForResourceInput, fn func(*ListTagsForResourceOutput, bool) bool) error

ListTagsForResourcePages iterates over the pages of a ListTagsForResource operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListTagsForResource method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListTagsForResource operation.
pageNum := 0
err := client.ListTagsForResourcePages(params,
    func(page *paymentcryptography.ListTagsForResourceOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*PaymentCryptography) ListTagsForResourcePagesWithContext

func (c *PaymentCryptography) ListTagsForResourcePagesWithContext(ctx aws.Context, input *ListTagsForResourceInput, fn func(*ListTagsForResourceOutput, bool) bool, opts ...request.Option) error

ListTagsForResourcePagesWithContext same as ListTagsForResourcePages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) ListTagsForResourceRequest

func (c *PaymentCryptography) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput)

ListTagsForResourceRequest generates a "aws/request.Request" representing the client's request for the ListTagsForResource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListTagsForResource for more information on using the ListTagsForResource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListTagsForResourceRequest method.
req, resp := client.ListTagsForResourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListTagsForResource

func (*PaymentCryptography) ListTagsForResourceWithContext

func (c *PaymentCryptography) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error)

ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of the ability to pass a context and additional request options.

See ListTagsForResource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) RestoreKey

func (c *PaymentCryptography) RestoreKey(input *RestoreKeyInput) (*RestoreKeyOutput, error)

RestoreKey API operation for Payment Cryptography Control Plane.

Cancels a scheduled key deletion during the waiting period. Use this operation to restore a Key that is scheduled for deletion.

During the waiting period, the KeyState is DELETE_PENDING and deletePendingTimestamp contains the date and time after which the Key will be deleted. After Key is restored, the KeyState is CREATE_COMPLETE, and the value for deletePendingTimestamp is removed.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • DeleteKey

  • StartKeyUsage

  • StopKeyUsage

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation RestoreKey for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/RestoreKey

func (*PaymentCryptography) RestoreKeyRequest

func (c *PaymentCryptography) RestoreKeyRequest(input *RestoreKeyInput) (req *request.Request, output *RestoreKeyOutput)

RestoreKeyRequest generates a "aws/request.Request" representing the client's request for the RestoreKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RestoreKey for more information on using the RestoreKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RestoreKeyRequest method.
req, resp := client.RestoreKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/RestoreKey

func (*PaymentCryptography) RestoreKeyWithContext

func (c *PaymentCryptography) RestoreKeyWithContext(ctx aws.Context, input *RestoreKeyInput, opts ...request.Option) (*RestoreKeyOutput, error)

RestoreKeyWithContext is the same as RestoreKey with the addition of the ability to pass a context and additional request options.

See RestoreKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) StartKeyUsage

func (c *PaymentCryptography) StartKeyUsage(input *StartKeyUsageInput) (*StartKeyUsageOutput, error)

StartKeyUsage API operation for Payment Cryptography Control Plane.

Enables an Amazon Web Services Payment Cryptography key, which makes it active for cryptographic operations within Amazon Web Services Payment Cryptography

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • StopKeyUsage

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation StartKeyUsage for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StartKeyUsage

func (*PaymentCryptography) StartKeyUsageRequest

func (c *PaymentCryptography) StartKeyUsageRequest(input *StartKeyUsageInput) (req *request.Request, output *StartKeyUsageOutput)

StartKeyUsageRequest generates a "aws/request.Request" representing the client's request for the StartKeyUsage operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See StartKeyUsage for more information on using the StartKeyUsage API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the StartKeyUsageRequest method.
req, resp := client.StartKeyUsageRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StartKeyUsage

func (*PaymentCryptography) StartKeyUsageWithContext

func (c *PaymentCryptography) StartKeyUsageWithContext(ctx aws.Context, input *StartKeyUsageInput, opts ...request.Option) (*StartKeyUsageOutput, error)

StartKeyUsageWithContext is the same as StartKeyUsage with the addition of the ability to pass a context and additional request options.

See StartKeyUsage for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) StopKeyUsage

func (c *PaymentCryptography) StopKeyUsage(input *StopKeyUsageInput) (*StopKeyUsageOutput, error)

StopKeyUsage API operation for Payment Cryptography Control Plane.

Disables an Amazon Web Services Payment Cryptography key, which makes it inactive within Amazon Web Services Payment Cryptography.

You can use this operation instead of DeleteKey to deactivate a key. You can enable the key in the future by calling StartKeyUsage.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • DeleteKey

  • StartKeyUsage

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation StopKeyUsage for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StopKeyUsage

func (*PaymentCryptography) StopKeyUsageRequest

func (c *PaymentCryptography) StopKeyUsageRequest(input *StopKeyUsageInput) (req *request.Request, output *StopKeyUsageOutput)

StopKeyUsageRequest generates a "aws/request.Request" representing the client's request for the StopKeyUsage operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See StopKeyUsage for more information on using the StopKeyUsage API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the StopKeyUsageRequest method.
req, resp := client.StopKeyUsageRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StopKeyUsage

func (*PaymentCryptography) StopKeyUsageWithContext

func (c *PaymentCryptography) StopKeyUsageWithContext(ctx aws.Context, input *StopKeyUsageInput, opts ...request.Option) (*StopKeyUsageOutput, error)

StopKeyUsageWithContext is the same as StopKeyUsage with the addition of the ability to pass a context and additional request options.

See StopKeyUsage for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) TagResource

func (c *PaymentCryptography) TagResource(input *TagResourceInput) (*TagResourceOutput, error)

TagResource API operation for Payment Cryptography Control Plane.

Adds or edits tags on an Amazon Web Services Payment Cryptography key.

Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key.

Each tag consists of a tag key and a tag value, both of which are case-sensitive strings. The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag value. To edit a tag, specify an existing tag key and a new tag value. You can also add tags to an Amazon Web Services Payment Cryptography key when you create it with CreateKey.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • ListTagsForResource

  • UntagResource

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation TagResource for usage and error information.

Returned Error Types:

  • ServiceQuotaExceededException This request would cause a service quota to be exceeded.

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/TagResource

func (*PaymentCryptography) TagResourceRequest

func (c *PaymentCryptography) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput)

TagResourceRequest generates a "aws/request.Request" representing the client's request for the TagResource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagResource for more information on using the TagResource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagResourceRequest method.
req, resp := client.TagResourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/TagResource

func (*PaymentCryptography) TagResourceWithContext

func (c *PaymentCryptography) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error)

TagResourceWithContext is the same as TagResource with the addition of the ability to pass a context and additional request options.

See TagResource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) UntagResource

func (c *PaymentCryptography) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error)

UntagResource API operation for Payment Cryptography Control Plane.

Deletes a tag from an Amazon Web Services Payment Cryptography key.

Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • ListTagsForResource

  • TagResource

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation UntagResource for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/UntagResource

func (*PaymentCryptography) UntagResourceRequest

func (c *PaymentCryptography) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput)

UntagResourceRequest generates a "aws/request.Request" representing the client's request for the UntagResource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagResource for more information on using the UntagResource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagResourceRequest method.
req, resp := client.UntagResourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/UntagResource

func (*PaymentCryptography) UntagResourceWithContext

func (c *PaymentCryptography) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error)

UntagResourceWithContext is the same as UntagResource with the addition of the ability to pass a context and additional request options.

See UntagResource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*PaymentCryptography) UpdateAlias

func (c *PaymentCryptography) UpdateAlias(input *UpdateAliasInput) (*UpdateAliasOutput, error)

UpdateAlias API operation for Payment Cryptography Control Plane.

Associates an existing Amazon Web Services Payment Cryptography alias with a different key. Each alias is associated with only one Amazon Web Services Payment Cryptography key at a time, although a key can have multiple aliases. The alias and the Amazon Web Services Payment Cryptography key must be in the same Amazon Web Services account and Amazon Web Services Region

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • CreateAlias

  • DeleteAlias

  • GetAlias

  • ListAliases

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Payment Cryptography Control Plane's API operation UpdateAlias for usage and error information.

Returned Error Types:

  • ServiceUnavailableException The service cannot complete the request.

  • ValidationException The request was denied due to an invalid request error.

  • ConflictException This request can cause an inconsistent state for the resource.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ResourceNotFoundException The request was denied due to an invalid resource error.

  • ThrottlingException The request was denied due to request throttling.

  • InternalServerException The request processing has failed because of an unknown error, exception, or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/UpdateAlias

func (*PaymentCryptography) UpdateAliasRequest

func (c *PaymentCryptography) UpdateAliasRequest(input *UpdateAliasInput) (req *request.Request, output *UpdateAliasOutput)

UpdateAliasRequest generates a "aws/request.Request" representing the client's request for the UpdateAlias operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAlias for more information on using the UpdateAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAliasRequest method.
req, resp := client.UpdateAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/UpdateAlias

func (*PaymentCryptography) UpdateAliasWithContext

func (c *PaymentCryptography) UpdateAliasWithContext(ctx aws.Context, input *UpdateAliasInput, opts ...request.Option) (*UpdateAliasOutput, error)

UpdateAliasWithContext is the same as UpdateAlias with the addition of the ability to pass a context and additional request options.

See UpdateAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type ResourceNotFoundException

type ResourceNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The string for the exception.
	ResourceId *string `type:"string"`
	// contains filtered or unexported fields
}

The request was denied due to an invalid resource error.

func (*ResourceNotFoundException) Code

Code returns the exception type name.

func (*ResourceNotFoundException) Error

func (s *ResourceNotFoundException) Error() string

func (ResourceNotFoundException) GoString

func (s ResourceNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceNotFoundException) Message

func (s *ResourceNotFoundException) Message() string

Message returns the exception's message.

func (*ResourceNotFoundException) OrigErr

func (s *ResourceNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ResourceNotFoundException) RequestID

func (s *ResourceNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ResourceNotFoundException) StatusCode

func (s *ResourceNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ResourceNotFoundException) String

func (s ResourceNotFoundException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RestoreKeyInput

type RestoreKeyInput struct {

	// The KeyARN of the key to be restored within Amazon Web Services Payment Cryptography.
	//
	// KeyIdentifier is a required field
	KeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RestoreKeyInput) GoString

func (s RestoreKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RestoreKeyInput) SetKeyIdentifier

func (s *RestoreKeyInput) SetKeyIdentifier(v string) *RestoreKeyInput

SetKeyIdentifier sets the KeyIdentifier field's value.

func (RestoreKeyInput) String

func (s RestoreKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RestoreKeyInput) Validate

func (s *RestoreKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RestoreKeyOutput

type RestoreKeyOutput struct {

	// The key material of the restored key. The KeyState will change to CREATE_COMPLETE
	// and value for DeletePendingTimestamp gets removed.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (RestoreKeyOutput) GoString

func (s RestoreKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RestoreKeyOutput) SetKey

func (s *RestoreKeyOutput) SetKey(v *Key) *RestoreKeyOutput

SetKey sets the Key field's value.

func (RestoreKeyOutput) String

func (s RestoreKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RootCertificatePublicKey

type RootCertificatePublicKey struct {

	// The role of the key, the algorithm it supports, and the cryptographic operations
	// allowed with the key. This data is immutable after the root public key is
	// imported.
	//
	// KeyAttributes is a required field
	KeyAttributes *KeyAttributes `type:"structure" required:"true"`

	// Parameter information for root public key certificate import.
	//
	// PublicKeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RootCertificatePublicKey's
	// String and GoString methods.
	//
	// PublicKeyCertificate is a required field
	PublicKeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Parameter information for root public key certificate import.

func (RootCertificatePublicKey) GoString

func (s RootCertificatePublicKey) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RootCertificatePublicKey) SetKeyAttributes

SetKeyAttributes sets the KeyAttributes field's value.

func (*RootCertificatePublicKey) SetPublicKeyCertificate

func (s *RootCertificatePublicKey) SetPublicKeyCertificate(v string) *RootCertificatePublicKey

SetPublicKeyCertificate sets the PublicKeyCertificate field's value.

func (RootCertificatePublicKey) String

func (s RootCertificatePublicKey) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RootCertificatePublicKey) Validate

func (s *RootCertificatePublicKey) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ServiceQuotaExceededException

type ServiceQuotaExceededException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

This request would cause a service quota to be exceeded.

func (*ServiceQuotaExceededException) Code

Code returns the exception type name.

func (*ServiceQuotaExceededException) Error

func (ServiceQuotaExceededException) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceQuotaExceededException) Message

Message returns the exception's message.

func (*ServiceQuotaExceededException) OrigErr

func (s *ServiceQuotaExceededException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ServiceQuotaExceededException) RequestID

func (s *ServiceQuotaExceededException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ServiceQuotaExceededException) StatusCode

func (s *ServiceQuotaExceededException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ServiceQuotaExceededException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServiceUnavailableException

type ServiceUnavailableException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The service cannot complete the request.

func (*ServiceUnavailableException) Code

Code returns the exception type name.

func (*ServiceUnavailableException) Error

func (ServiceUnavailableException) GoString

func (s ServiceUnavailableException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceUnavailableException) Message

func (s *ServiceUnavailableException) Message() string

Message returns the exception's message.

func (*ServiceUnavailableException) OrigErr

func (s *ServiceUnavailableException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ServiceUnavailableException) RequestID

func (s *ServiceUnavailableException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ServiceUnavailableException) StatusCode

func (s *ServiceUnavailableException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ServiceUnavailableException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StartKeyUsageInput

type StartKeyUsageInput struct {

	// The KeyArn of the key.
	//
	// KeyIdentifier is a required field
	KeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (StartKeyUsageInput) GoString

func (s StartKeyUsageInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartKeyUsageInput) SetKeyIdentifier

func (s *StartKeyUsageInput) SetKeyIdentifier(v string) *StartKeyUsageInput

SetKeyIdentifier sets the KeyIdentifier field's value.

func (StartKeyUsageInput) String

func (s StartKeyUsageInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartKeyUsageInput) Validate

func (s *StartKeyUsageInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StartKeyUsageOutput

type StartKeyUsageOutput struct {

	// The KeyARN of the Amazon Web Services Payment Cryptography key activated
	// for use.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (StartKeyUsageOutput) GoString

func (s StartKeyUsageOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartKeyUsageOutput) SetKey

SetKey sets the Key field's value.

func (StartKeyUsageOutput) String

func (s StartKeyUsageOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StopKeyUsageInput

type StopKeyUsageInput struct {

	// The KeyArn of the key.
	//
	// KeyIdentifier is a required field
	KeyIdentifier *string `min:"7" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (StopKeyUsageInput) GoString

func (s StopKeyUsageInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StopKeyUsageInput) SetKeyIdentifier

func (s *StopKeyUsageInput) SetKeyIdentifier(v string) *StopKeyUsageInput

SetKeyIdentifier sets the KeyIdentifier field's value.

func (StopKeyUsageInput) String

func (s StopKeyUsageInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StopKeyUsageInput) Validate

func (s *StopKeyUsageInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StopKeyUsageOutput

type StopKeyUsageOutput struct {

	// The KeyARN of the key.
	//
	// Key is a required field
	Key *Key `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (StopKeyUsageOutput) GoString

func (s StopKeyUsageOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StopKeyUsageOutput) SetKey

func (s *StopKeyUsageOutput) SetKey(v *Key) *StopKeyUsageOutput

SetKey sets the Key field's value.

func (StopKeyUsageOutput) String

func (s StopKeyUsageOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Tag

type Tag struct {

	// The key of the tag.
	//
	// Key is a required field
	Key *string `min:"1" type:"string" required:"true"`

	// The value of the tag.
	Value *string `type:"string"`
	// contains filtered or unexported fields
}

A structure that contains information about a tag.

func (Tag) GoString

func (s Tag) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Tag) SetKey

func (s *Tag) SetKey(v string) *Tag

SetKey sets the Key field's value.

func (*Tag) SetValue

func (s *Tag) SetValue(v string) *Tag

SetValue sets the Value field's value.

func (Tag) String

func (s Tag) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Tag) Validate

func (s *Tag) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagResourceInput

type TagResourceInput struct {

	// The KeyARN of the key whose tags are being updated.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"70" type:"string" required:"true"`

	// One or more tags. Each tag consists of a tag key and a tag value. The tag
	// value can be an empty (null) string. You can't have more than one tag on
	// an Amazon Web Services Payment Cryptography key with the same tag key. If
	// you specify an existing tag key with a different tag value, Amazon Web Services
	// Payment Cryptography replaces the current tag value with the new one.
	//
	// Don't include confidential or sensitive information in this field. This field
	// may be displayed in plaintext in CloudTrail logs and other output.
	//
	// To use this parameter, you must have TagResource permission in an IAM policy.
	//
	// Don't include confidential or sensitive information in this field. This field
	// may be displayed in plaintext in CloudTrail logs and other output.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagResourceInput) GoString

func (s TagResourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagResourceInput) SetResourceArn

func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput

SetResourceArn sets the ResourceArn field's value.

func (*TagResourceInput) SetTags

func (s *TagResourceInput) SetTags(v []*Tag) *TagResourceInput

SetTags sets the Tags field's value.

func (TagResourceInput) String

func (s TagResourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagResourceInput) Validate

func (s *TagResourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagResourceOutput

type TagResourceOutput struct {
	// contains filtered or unexported fields
}

func (TagResourceOutput) GoString

func (s TagResourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagResourceOutput) String

func (s TagResourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ThrottlingException

type ThrottlingException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The request was denied due to request throttling.

func (*ThrottlingException) Code

func (s *ThrottlingException) Code() string

Code returns the exception type name.

func (*ThrottlingException) Error

func (s *ThrottlingException) Error() string

func (ThrottlingException) GoString

func (s ThrottlingException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ThrottlingException) Message

func (s *ThrottlingException) Message() string

Message returns the exception's message.

func (*ThrottlingException) OrigErr

func (s *ThrottlingException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ThrottlingException) RequestID

func (s *ThrottlingException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ThrottlingException) StatusCode

func (s *ThrottlingException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ThrottlingException) String

func (s ThrottlingException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TrustedCertificatePublicKey

type TrustedCertificatePublicKey struct {

	// The KeyARN of the root public key certificate or certificate chain that signs
	// the trusted public key certificate import.
	//
	// CertificateAuthorityPublicKeyIdentifier is a required field
	CertificateAuthorityPublicKeyIdentifier *string `min:"7" type:"string" required:"true"`

	// The role of the key, the algorithm it supports, and the cryptographic operations
	// allowed with the key. This data is immutable after a trusted public key is
	// imported.
	//
	// KeyAttributes is a required field
	KeyAttributes *KeyAttributes `type:"structure" required:"true"`

	// Parameter information for trusted public key certificate import.
	//
	// PublicKeyCertificate is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by TrustedCertificatePublicKey's
	// String and GoString methods.
	//
	// PublicKeyCertificate is a required field
	PublicKeyCertificate *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Parameter information for trusted public key certificate import.

func (TrustedCertificatePublicKey) GoString

func (s TrustedCertificatePublicKey) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TrustedCertificatePublicKey) SetCertificateAuthorityPublicKeyIdentifier

func (s *TrustedCertificatePublicKey) SetCertificateAuthorityPublicKeyIdentifier(v string) *TrustedCertificatePublicKey

SetCertificateAuthorityPublicKeyIdentifier sets the CertificateAuthorityPublicKeyIdentifier field's value.

func (*TrustedCertificatePublicKey) SetKeyAttributes

SetKeyAttributes sets the KeyAttributes field's value.

func (*TrustedCertificatePublicKey) SetPublicKeyCertificate

func (s *TrustedCertificatePublicKey) SetPublicKeyCertificate(v string) *TrustedCertificatePublicKey

SetPublicKeyCertificate sets the PublicKeyCertificate field's value.

func (TrustedCertificatePublicKey) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TrustedCertificatePublicKey) Validate

func (s *TrustedCertificatePublicKey) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagResourceInput

type UntagResourceInput struct {

	// The KeyARN of the key whose tags are being removed.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"70" type:"string" required:"true"`

	// One or more tag keys. Don't include the tag values.
	//
	// If the Amazon Web Services Payment Cryptography key doesn't have the specified
	// tag key, Amazon Web Services Payment Cryptography doesn't throw an exception
	// or return a response. To confirm that the operation succeeded, use the ListTagsForResource
	// operation.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagResourceInput) GoString

func (s UntagResourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagResourceInput) SetResourceArn

func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput

SetResourceArn sets the ResourceArn field's value.

func (*UntagResourceInput) SetTagKeys

func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput

SetTagKeys sets the TagKeys field's value.

func (UntagResourceInput) String

func (s UntagResourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagResourceInput) Validate

func (s *UntagResourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagResourceOutput

type UntagResourceOutput struct {
	// contains filtered or unexported fields
}

func (UntagResourceOutput) GoString

func (s UntagResourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagResourceOutput) String

func (s UntagResourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateAliasInput

type UpdateAliasInput struct {

	// The alias whose associated key is changing.
	//
	// AliasName is a required field
	AliasName *string `min:"7" type:"string" required:"true"`

	// The KeyARN for the key that you are updating or removing from the alias.
	KeyArn *string `min:"70" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateAliasInput) GoString

func (s UpdateAliasInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAliasInput) SetAliasName

func (s *UpdateAliasInput) SetAliasName(v string) *UpdateAliasInput

SetAliasName sets the AliasName field's value.

func (*UpdateAliasInput) SetKeyArn

func (s *UpdateAliasInput) SetKeyArn(v string) *UpdateAliasInput

SetKeyArn sets the KeyArn field's value.

func (UpdateAliasInput) String

func (s UpdateAliasInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAliasInput) Validate

func (s *UpdateAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAliasOutput

type UpdateAliasOutput struct {

	// The alias name.
	//
	// Alias is a required field
	Alias *Alias `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateAliasOutput) GoString

func (s UpdateAliasOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAliasOutput) SetAlias

func (s *UpdateAliasOutput) SetAlias(v *Alias) *UpdateAliasOutput

SetAlias sets the Alias field's value.

func (UpdateAliasOutput) String

func (s UpdateAliasOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ValidationException

type ValidationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The request was denied due to an invalid request error.

func (*ValidationException) Code

func (s *ValidationException) Code() string

Code returns the exception type name.

func (*ValidationException) Error

func (s *ValidationException) Error() string

func (ValidationException) GoString

func (s ValidationException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationException) Message

func (s *ValidationException) Message() string

Message returns the exception's message.

func (*ValidationException) OrigErr

func (s *ValidationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ValidationException) RequestID

func (s *ValidationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ValidationException) StatusCode

func (s *ValidationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ValidationException) String

func (s ValidationException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type WrappedKey

type WrappedKey struct {

	// Parameter information for generating a wrapped key using TR-31 or TR-34 standard.
	//
	// KeyMaterial is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by WrappedKey's
	// String and GoString methods.
	//
	// KeyMaterial is a required field
	KeyMaterial *string `min:"48" type:"string" required:"true" sensitive:"true"`

	// The key block format of a wrapped key.
	//
	// WrappedKeyMaterialFormat is a required field
	WrappedKeyMaterialFormat *string `type:"string" required:"true" enum:"WrappedKeyMaterialFormat"`

	// The KeyARN of the wrapped key.
	//
	// WrappingKeyArn is a required field
	WrappingKeyArn *string `min:"70" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Parameter information for generating a wrapped key using TR-31 or TR-34 standard.

func (WrappedKey) GoString

func (s WrappedKey) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*WrappedKey) SetKeyMaterial

func (s *WrappedKey) SetKeyMaterial(v string) *WrappedKey

SetKeyMaterial sets the KeyMaterial field's value.

func (*WrappedKey) SetWrappedKeyMaterialFormat

func (s *WrappedKey) SetWrappedKeyMaterialFormat(v string) *WrappedKey

SetWrappedKeyMaterialFormat sets the WrappedKeyMaterialFormat field's value.

func (*WrappedKey) SetWrappingKeyArn

func (s *WrappedKey) SetWrappingKeyArn(v string) *WrappedKey

SetWrappingKeyArn sets the WrappingKeyArn field's value.

func (WrappedKey) String

func (s WrappedKey) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

Directories

Path Synopsis
Package paymentcryptographyiface provides an interface to enable mocking the Payment Cryptography Control Plane service client for testing your code.
Package paymentcryptographyiface provides an interface to enable mocking the Payment Cryptography Control Plane service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL