1 /** 2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 * SPDX-License-Identifier: Apache-2.0. 4 */ 5 6 #pragma once 7 #include <aws/email/SES_EXPORTS.h> 8 #include <aws/core/utils/memory/stl/AWSStreamFwd.h> 9 #include <aws/core/utils/memory/stl/AWSString.h> 10 #include <utility> 11 12 namespace Aws 13 { 14 namespace Utils 15 { 16 namespace Xml 17 { 18 class XmlNode; 19 } // namespace Xml 20 } // namespace Utils 21 namespace SES 22 { 23 namespace Model 24 { 25 26 /** 27 * <p>When included in a receipt rule, this action saves the received message to an 28 * Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a 29 * notification to Amazon Simple Notification Service (Amazon SNS).</p> <p>To 30 * enable Amazon SES to write emails to your Amazon S3 bucket, use an AWS KMS key 31 * to encrypt your emails, or publish to an Amazon SNS topic of another account, 32 * Amazon SES must have permission to access those resources. For information about 33 * giving permissions, see the <a 34 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 35 * SES Developer Guide</a>.</p> <p>When you save your emails to an Amazon S3 36 * bucket, the maximum email size (including headers) is 30 MB. Emails larger than 37 * that will bounce.</p> <p>For information about specifying Amazon S3 38 * actions in receipt rules, see the <a 39 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-action-s3.html">Amazon 40 * SES Developer Guide</a>.</p><p><h3>See Also:</h3> <a 41 * href="http://docs.aws.amazon.com/goto/WebAPI/email-2010-12-01/S3Action">AWS API 42 * Reference</a></p> 43 */ 44 class AWS_SES_API S3Action 45 { 46 public: 47 S3Action(); 48 S3Action(const Aws::Utils::Xml::XmlNode& xmlNode); 49 S3Action& operator=(const Aws::Utils::Xml::XmlNode& xmlNode); 50 51 void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const; 52 void OutputToStream(Aws::OStream& oStream, const char* location) const; 53 54 55 /** 56 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 57 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 58 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 59 * about Amazon SNS topics, see the <a 60 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 61 * Developer Guide</a>.</p> 62 */ GetTopicArn()63 inline const Aws::String& GetTopicArn() const{ return m_topicArn; } 64 65 /** 66 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 67 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 68 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 69 * about Amazon SNS topics, see the <a 70 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 71 * Developer Guide</a>.</p> 72 */ TopicArnHasBeenSet()73 inline bool TopicArnHasBeenSet() const { return m_topicArnHasBeenSet; } 74 75 /** 76 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 77 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 78 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 79 * about Amazon SNS topics, see the <a 80 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 81 * Developer Guide</a>.</p> 82 */ SetTopicArn(const Aws::String & value)83 inline void SetTopicArn(const Aws::String& value) { m_topicArnHasBeenSet = true; m_topicArn = value; } 84 85 /** 86 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 87 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 88 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 89 * about Amazon SNS topics, see the <a 90 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 91 * Developer Guide</a>.</p> 92 */ SetTopicArn(Aws::String && value)93 inline void SetTopicArn(Aws::String&& value) { m_topicArnHasBeenSet = true; m_topicArn = std::move(value); } 94 95 /** 96 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 97 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 98 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 99 * about Amazon SNS topics, see the <a 100 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 101 * Developer Guide</a>.</p> 102 */ SetTopicArn(const char * value)103 inline void SetTopicArn(const char* value) { m_topicArnHasBeenSet = true; m_topicArn.assign(value); } 104 105 /** 106 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 107 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 108 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 109 * about Amazon SNS topics, see the <a 110 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 111 * Developer Guide</a>.</p> 112 */ WithTopicArn(const Aws::String & value)113 inline S3Action& WithTopicArn(const Aws::String& value) { SetTopicArn(value); return *this;} 114 115 /** 116 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 117 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 118 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 119 * about Amazon SNS topics, see the <a 120 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 121 * Developer Guide</a>.</p> 122 */ WithTopicArn(Aws::String && value)123 inline S3Action& WithTopicArn(Aws::String&& value) { SetTopicArn(std::move(value)); return *this;} 124 125 /** 126 * <p>The ARN of the Amazon SNS topic to notify when the message is saved to the 127 * Amazon S3 bucket. An example of an Amazon SNS topic ARN is 128 * <code>arn:aws:sns:us-west-2:123456789012:MyTopic</code>. For more information 129 * about Amazon SNS topics, see the <a 130 * href="https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html">Amazon SNS 131 * Developer Guide</a>.</p> 132 */ WithTopicArn(const char * value)133 inline S3Action& WithTopicArn(const char* value) { SetTopicArn(value); return *this;} 134 135 136 /** 137 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 138 */ GetBucketName()139 inline const Aws::String& GetBucketName() const{ return m_bucketName; } 140 141 /** 142 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 143 */ BucketNameHasBeenSet()144 inline bool BucketNameHasBeenSet() const { return m_bucketNameHasBeenSet; } 145 146 /** 147 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 148 */ SetBucketName(const Aws::String & value)149 inline void SetBucketName(const Aws::String& value) { m_bucketNameHasBeenSet = true; m_bucketName = value; } 150 151 /** 152 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 153 */ SetBucketName(Aws::String && value)154 inline void SetBucketName(Aws::String&& value) { m_bucketNameHasBeenSet = true; m_bucketName = std::move(value); } 155 156 /** 157 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 158 */ SetBucketName(const char * value)159 inline void SetBucketName(const char* value) { m_bucketNameHasBeenSet = true; m_bucketName.assign(value); } 160 161 /** 162 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 163 */ WithBucketName(const Aws::String & value)164 inline S3Action& WithBucketName(const Aws::String& value) { SetBucketName(value); return *this;} 165 166 /** 167 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 168 */ WithBucketName(Aws::String && value)169 inline S3Action& WithBucketName(Aws::String&& value) { SetBucketName(std::move(value)); return *this;} 170 171 /** 172 * <p>The name of the Amazon S3 bucket that incoming email will be saved to.</p> 173 */ WithBucketName(const char * value)174 inline S3Action& WithBucketName(const char* value) { SetBucketName(value); return *this;} 175 176 177 /** 178 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 179 * directory name that enables you to store similar data under the same directory 180 * in a bucket.</p> 181 */ GetObjectKeyPrefix()182 inline const Aws::String& GetObjectKeyPrefix() const{ return m_objectKeyPrefix; } 183 184 /** 185 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 186 * directory name that enables you to store similar data under the same directory 187 * in a bucket.</p> 188 */ ObjectKeyPrefixHasBeenSet()189 inline bool ObjectKeyPrefixHasBeenSet() const { return m_objectKeyPrefixHasBeenSet; } 190 191 /** 192 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 193 * directory name that enables you to store similar data under the same directory 194 * in a bucket.</p> 195 */ SetObjectKeyPrefix(const Aws::String & value)196 inline void SetObjectKeyPrefix(const Aws::String& value) { m_objectKeyPrefixHasBeenSet = true; m_objectKeyPrefix = value; } 197 198 /** 199 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 200 * directory name that enables you to store similar data under the same directory 201 * in a bucket.</p> 202 */ SetObjectKeyPrefix(Aws::String && value)203 inline void SetObjectKeyPrefix(Aws::String&& value) { m_objectKeyPrefixHasBeenSet = true; m_objectKeyPrefix = std::move(value); } 204 205 /** 206 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 207 * directory name that enables you to store similar data under the same directory 208 * in a bucket.</p> 209 */ SetObjectKeyPrefix(const char * value)210 inline void SetObjectKeyPrefix(const char* value) { m_objectKeyPrefixHasBeenSet = true; m_objectKeyPrefix.assign(value); } 211 212 /** 213 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 214 * directory name that enables you to store similar data under the same directory 215 * in a bucket.</p> 216 */ WithObjectKeyPrefix(const Aws::String & value)217 inline S3Action& WithObjectKeyPrefix(const Aws::String& value) { SetObjectKeyPrefix(value); return *this;} 218 219 /** 220 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 221 * directory name that enables you to store similar data under the same directory 222 * in a bucket.</p> 223 */ WithObjectKeyPrefix(Aws::String && value)224 inline S3Action& WithObjectKeyPrefix(Aws::String&& value) { SetObjectKeyPrefix(std::move(value)); return *this;} 225 226 /** 227 * <p>The key prefix of the Amazon S3 bucket. The key prefix is similar to a 228 * directory name that enables you to store similar data under the same directory 229 * in a bucket.</p> 230 */ WithObjectKeyPrefix(const char * value)231 inline S3Action& WithObjectKeyPrefix(const char* value) { SetObjectKeyPrefix(value); return *this;} 232 233 234 /** 235 * <p>The customer master key that Amazon SES should use to encrypt your emails 236 * before saving them to the Amazon S3 bucket. You can use the default master key 237 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 238 * use the default master key, provide an ARN in the form of 239 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 240 * example, if your AWS account ID is 123456789012 and you want to use the default 241 * master key in the US West (Oregon) region, the ARN of the default master key 242 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 243 * use the default master key, you don't need to perform any extra steps to give 244 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 245 * key you created in AWS KMS, provide the ARN of the master key and ensure that 246 * you add a statement to your key's policy to give Amazon SES permission to use 247 * it. For more information about giving permissions, see the <a 248 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 249 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 250 * policies, see the <a 251 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 252 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 253 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 254 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 255 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 256 * means that you must use the Amazon S3 encryption client to decrypt the email 257 * after retrieving it from Amazon S3, as the service has no access to use your AWS 258 * KMS keys for decryption. This encryption client is currently available with the 259 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 260 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 261 * information about client-side encryption using AWS KMS master keys, see the <a 262 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 263 * S3 Developer Guide</a>.</p> 264 */ GetKmsKeyArn()265 inline const Aws::String& GetKmsKeyArn() const{ return m_kmsKeyArn; } 266 267 /** 268 * <p>The customer master key that Amazon SES should use to encrypt your emails 269 * before saving them to the Amazon S3 bucket. You can use the default master key 270 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 271 * use the default master key, provide an ARN in the form of 272 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 273 * example, if your AWS account ID is 123456789012 and you want to use the default 274 * master key in the US West (Oregon) region, the ARN of the default master key 275 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 276 * use the default master key, you don't need to perform any extra steps to give 277 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 278 * key you created in AWS KMS, provide the ARN of the master key and ensure that 279 * you add a statement to your key's policy to give Amazon SES permission to use 280 * it. For more information about giving permissions, see the <a 281 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 282 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 283 * policies, see the <a 284 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 285 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 286 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 287 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 288 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 289 * means that you must use the Amazon S3 encryption client to decrypt the email 290 * after retrieving it from Amazon S3, as the service has no access to use your AWS 291 * KMS keys for decryption. This encryption client is currently available with the 292 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 293 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 294 * information about client-side encryption using AWS KMS master keys, see the <a 295 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 296 * S3 Developer Guide</a>.</p> 297 */ KmsKeyArnHasBeenSet()298 inline bool KmsKeyArnHasBeenSet() const { return m_kmsKeyArnHasBeenSet; } 299 300 /** 301 * <p>The customer master key that Amazon SES should use to encrypt your emails 302 * before saving them to the Amazon S3 bucket. You can use the default master key 303 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 304 * use the default master key, provide an ARN in the form of 305 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 306 * example, if your AWS account ID is 123456789012 and you want to use the default 307 * master key in the US West (Oregon) region, the ARN of the default master key 308 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 309 * use the default master key, you don't need to perform any extra steps to give 310 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 311 * key you created in AWS KMS, provide the ARN of the master key and ensure that 312 * you add a statement to your key's policy to give Amazon SES permission to use 313 * it. For more information about giving permissions, see the <a 314 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 315 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 316 * policies, see the <a 317 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 318 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 319 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 320 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 321 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 322 * means that you must use the Amazon S3 encryption client to decrypt the email 323 * after retrieving it from Amazon S3, as the service has no access to use your AWS 324 * KMS keys for decryption. This encryption client is currently available with the 325 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 326 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 327 * information about client-side encryption using AWS KMS master keys, see the <a 328 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 329 * S3 Developer Guide</a>.</p> 330 */ SetKmsKeyArn(const Aws::String & value)331 inline void SetKmsKeyArn(const Aws::String& value) { m_kmsKeyArnHasBeenSet = true; m_kmsKeyArn = value; } 332 333 /** 334 * <p>The customer master key that Amazon SES should use to encrypt your emails 335 * before saving them to the Amazon S3 bucket. You can use the default master key 336 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 337 * use the default master key, provide an ARN in the form of 338 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 339 * example, if your AWS account ID is 123456789012 and you want to use the default 340 * master key in the US West (Oregon) region, the ARN of the default master key 341 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 342 * use the default master key, you don't need to perform any extra steps to give 343 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 344 * key you created in AWS KMS, provide the ARN of the master key and ensure that 345 * you add a statement to your key's policy to give Amazon SES permission to use 346 * it. For more information about giving permissions, see the <a 347 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 348 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 349 * policies, see the <a 350 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 351 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 352 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 353 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 354 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 355 * means that you must use the Amazon S3 encryption client to decrypt the email 356 * after retrieving it from Amazon S3, as the service has no access to use your AWS 357 * KMS keys for decryption. This encryption client is currently available with the 358 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 359 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 360 * information about client-side encryption using AWS KMS master keys, see the <a 361 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 362 * S3 Developer Guide</a>.</p> 363 */ SetKmsKeyArn(Aws::String && value)364 inline void SetKmsKeyArn(Aws::String&& value) { m_kmsKeyArnHasBeenSet = true; m_kmsKeyArn = std::move(value); } 365 366 /** 367 * <p>The customer master key that Amazon SES should use to encrypt your emails 368 * before saving them to the Amazon S3 bucket. You can use the default master key 369 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 370 * use the default master key, provide an ARN in the form of 371 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 372 * example, if your AWS account ID is 123456789012 and you want to use the default 373 * master key in the US West (Oregon) region, the ARN of the default master key 374 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 375 * use the default master key, you don't need to perform any extra steps to give 376 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 377 * key you created in AWS KMS, provide the ARN of the master key and ensure that 378 * you add a statement to your key's policy to give Amazon SES permission to use 379 * it. For more information about giving permissions, see the <a 380 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 381 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 382 * policies, see the <a 383 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 384 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 385 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 386 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 387 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 388 * means that you must use the Amazon S3 encryption client to decrypt the email 389 * after retrieving it from Amazon S3, as the service has no access to use your AWS 390 * KMS keys for decryption. This encryption client is currently available with the 391 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 392 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 393 * information about client-side encryption using AWS KMS master keys, see the <a 394 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 395 * S3 Developer Guide</a>.</p> 396 */ SetKmsKeyArn(const char * value)397 inline void SetKmsKeyArn(const char* value) { m_kmsKeyArnHasBeenSet = true; m_kmsKeyArn.assign(value); } 398 399 /** 400 * <p>The customer master key that Amazon SES should use to encrypt your emails 401 * before saving them to the Amazon S3 bucket. You can use the default master key 402 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 403 * use the default master key, provide an ARN in the form of 404 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 405 * example, if your AWS account ID is 123456789012 and you want to use the default 406 * master key in the US West (Oregon) region, the ARN of the default master key 407 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 408 * use the default master key, you don't need to perform any extra steps to give 409 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 410 * key you created in AWS KMS, provide the ARN of the master key and ensure that 411 * you add a statement to your key's policy to give Amazon SES permission to use 412 * it. For more information about giving permissions, see the <a 413 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 414 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 415 * policies, see the <a 416 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 417 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 418 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 419 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 420 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 421 * means that you must use the Amazon S3 encryption client to decrypt the email 422 * after retrieving it from Amazon S3, as the service has no access to use your AWS 423 * KMS keys for decryption. This encryption client is currently available with the 424 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 425 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 426 * information about client-side encryption using AWS KMS master keys, see the <a 427 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 428 * S3 Developer Guide</a>.</p> 429 */ WithKmsKeyArn(const Aws::String & value)430 inline S3Action& WithKmsKeyArn(const Aws::String& value) { SetKmsKeyArn(value); return *this;} 431 432 /** 433 * <p>The customer master key that Amazon SES should use to encrypt your emails 434 * before saving them to the Amazon S3 bucket. You can use the default master key 435 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 436 * use the default master key, provide an ARN in the form of 437 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 438 * example, if your AWS account ID is 123456789012 and you want to use the default 439 * master key in the US West (Oregon) region, the ARN of the default master key 440 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 441 * use the default master key, you don't need to perform any extra steps to give 442 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 443 * key you created in AWS KMS, provide the ARN of the master key and ensure that 444 * you add a statement to your key's policy to give Amazon SES permission to use 445 * it. For more information about giving permissions, see the <a 446 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 447 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 448 * policies, see the <a 449 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 450 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 451 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 452 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 453 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 454 * means that you must use the Amazon S3 encryption client to decrypt the email 455 * after retrieving it from Amazon S3, as the service has no access to use your AWS 456 * KMS keys for decryption. This encryption client is currently available with the 457 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 458 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 459 * information about client-side encryption using AWS KMS master keys, see the <a 460 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 461 * S3 Developer Guide</a>.</p> 462 */ WithKmsKeyArn(Aws::String && value)463 inline S3Action& WithKmsKeyArn(Aws::String&& value) { SetKmsKeyArn(std::move(value)); return *this;} 464 465 /** 466 * <p>The customer master key that Amazon SES should use to encrypt your emails 467 * before saving them to the Amazon S3 bucket. You can use the default master key 468 * or a custom master key you created in AWS KMS as follows:</p> <ul> <li> <p>To 469 * use the default master key, provide an ARN in the form of 470 * <code>arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses</code>. For 471 * example, if your AWS account ID is 123456789012 and you want to use the default 472 * master key in the US West (Oregon) region, the ARN of the default master key 473 * would be <code>arn:aws:kms:us-west-2:123456789012:alias/aws/ses</code>. If you 474 * use the default master key, you don't need to perform any extra steps to give 475 * Amazon SES permission to use the key.</p> </li> <li> <p>To use a custom master 476 * key you created in AWS KMS, provide the ARN of the master key and ensure that 477 * you add a statement to your key's policy to give Amazon SES permission to use 478 * it. For more information about giving permissions, see the <a 479 * href="https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html">Amazon 480 * SES Developer Guide</a>.</p> </li> </ul> <p>For more information about key 481 * policies, see the <a 482 * href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html">AWS 483 * KMS Developer Guide</a>. If you do not specify a master key, Amazon SES will not 484 * encrypt your emails.</p> <p>Your mail is encrypted by Amazon SES 485 * using the Amazon S3 encryption client before the mail is submitted to Amazon S3 486 * for storage. It is not encrypted using Amazon S3 server-side encryption. This 487 * means that you must use the Amazon S3 encryption client to decrypt the email 488 * after retrieving it from Amazon S3, as the service has no access to use your AWS 489 * KMS keys for decryption. This encryption client is currently available with the 490 * <a href="http://aws.amazon.com/sdk-for-java/">AWS SDK for Java</a> and <a 491 * href="http://aws.amazon.com/sdk-for-ruby/">AWS SDK for Ruby</a> only. For more 492 * information about client-side encryption using AWS KMS master keys, see the <a 493 * href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon 494 * S3 Developer Guide</a>.</p> 495 */ WithKmsKeyArn(const char * value)496 inline S3Action& WithKmsKeyArn(const char* value) { SetKmsKeyArn(value); return *this;} 497 498 private: 499 500 Aws::String m_topicArn; 501 bool m_topicArnHasBeenSet; 502 503 Aws::String m_bucketName; 504 bool m_bucketNameHasBeenSet; 505 506 Aws::String m_objectKeyPrefix; 507 bool m_objectKeyPrefixHasBeenSet; 508 509 Aws::String m_kmsKeyArn; 510 bool m_kmsKeyArnHasBeenSet; 511 }; 512 513 } // namespace Model 514 } // namespace SES 515 } // namespace Aws 516