Package com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store

Class MetaStore

java.lang.Object

com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store.ProviderStore

com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store.MetaStore

public class MetaStore
extends ProviderStore

Provides a simple collection of EncryptionMaterialProviders backed by an encrypted DynamoDB table. This can be used to build key hierarchies or meta providers. Currently, this only supports AES-256 in AESWrap mode and HmacSHA256 for the providers persisted in the table.

Author:

rubin

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static interface	MetaStore.ExtraDataSupplier	Provides extra data that should be persisted along with the standard material data.

Constructor Summary

Constructors

Constructor	Description
MetaStore(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, DynamoDBEncryptor encryptor)	Create a new MetaStore with specified table name.
MetaStore(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, DynamoDBEncryptor encryptor, MetaStore.ExtraDataSupplier extraDataSupplier)	Create a new MetaStore with specified table name and extra data supplier.

Method Summary

Modifier and Type	Method	Description
static com.amazonaws.services.dynamodbv2.model.CreateTableResult	createTable(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb, String tableName, com.amazonaws.services.dynamodbv2.model.ProvisionedThroughput provisionedThroughput)	Creates a DynamoDB Table with the correct properties to be used with a ProviderStore.
long	getMaxVersion(String materialName)	Returns the maximum version number associated with materialName.
EncryptionMaterialsProvider	getOrCreate(String materialName, long nextId)	Returns the provider with the specified name and version and creates it if it doesn't exist.
EncryptionMaterialsProvider	getProvider(String materialName, long version)	Returns the provider with the specified name and version.
long	getVersionFromMaterialDescription(Map<String,String> description)	Extracts the material version from description.
void	replicate(String materialName, long version, MetaStore targetMetaStore)	This API retrieves the intermediate keys from the source region and replicates it in the target region.

Methods inherited from class com.amazonaws.services.dynamodbv2.datamodeling.encryption.providers.store.ProviderStore

getProvider, newProvider

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

MetaStore

public MetaStore(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb,
                 String tableName,
                 DynamoDBEncryptor encryptor)

Create a new MetaStore with specified table name.

Parameters:

ddb - Interface for accessing DynamoDB.

tableName - DynamoDB table name for this MetaStore.

encryptor - used to perform crypto operations on the record attributes.

MetaStore

public MetaStore(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb,
                 String tableName,
                 DynamoDBEncryptor encryptor,
                 MetaStore.ExtraDataSupplier extraDataSupplier)

Create a new MetaStore with specified table name and extra data supplier.

Parameters:

ddb - Interface for accessing DynamoDB.

tableName - DynamoDB table name for this MetaStore.

encryptor - used to perform crypto operations on the record attributes

extraDataSupplier - provides extra data that should be stored along with the material.

Method Detail

getProvider

public EncryptionMaterialsProvider getProvider(String materialName,
                                               long version)

Description copied from class: ProviderStore

Returns the provider with the specified name and version.

Specified by:

getProvider in class ProviderStore

getOrCreate

public EncryptionMaterialsProvider getOrCreate(String materialName,
                                               long nextId)

Description copied from class: ProviderStore

Returns the provider with the specified name and version and creates it if it doesn't exist.

Overrides:

getOrCreate in class ProviderStore

getMaxVersion

public long getMaxVersion(String materialName)

Description copied from class: ProviderStore

Returns the maximum version number associated with materialName. If there are no versions, returns -1.

Specified by:

getMaxVersion in class ProviderStore

getVersionFromMaterialDescription

public long getVersionFromMaterialDescription(Map<String,String> description)

Description copied from class: ProviderStore

Extracts the material version from description.

Specified by:

getVersionFromMaterialDescription in class ProviderStore

replicate

public void replicate(String materialName,
                      long version,
                      MetaStore targetMetaStore)

This API retrieves the intermediate keys from the source region and replicates it in the target region.

Parameters:

materialName - material name of the encryption material.

version - version of the encryption material.

targetMetaStore - target MetaStore where the encryption material to be stored.

createTable

public static com.amazonaws.services.dynamodbv2.model.CreateTableResult createTable(com.amazonaws.services.dynamodbv2.AmazonDynamoDB ddb,
                                                                                    String tableName,
                                                                                    com.amazonaws.services.dynamodbv2.model.ProvisionedThroughput provisionedThroughput)

Creates a DynamoDB Table with the correct properties to be used with a ProviderStore.

Parameters:

ddb - interface for accessing DynamoDB

tableName - name of table that stores the meta data of the material.

provisionedThroughput - required provisioned throughput of the this table.

Returns:

result of create table request.