Structures
Common structures used by the DynamoDB Encryption Client.
- class dynamodb_encryption_sdk.structures.EncryptionContext(table_name: Optional[str] = None, partition_key_name: Optional[str] = None, sort_key_name: Optional[str] = None, attributes: Optional[Dict[str, Dict]] = None, material_description: Optional[Dict[str, str]] = None)[source]
Bases:
object
Additional information about an encryption request.
- Parameters
table_name (str) – Table name
partition_key_name (str) – Name of primary index partition attribute
sort_key_name (str) – Name of primary index sort attribute
attributes (dict) – Plaintext item attributes as a DynamoDB JSON dictionary
material_description (dict) – Material description to use with this request
- class dynamodb_encryption_sdk.structures.AttributeActions(default_action: Optional[dynamodb_encryption_sdk.identifiers.CryptoAction] = CryptoAction.ENCRYPT_AND_SIGN, attribute_actions: Optional[Dict[str, dynamodb_encryption_sdk.identifiers.CryptoAction]] = None)[source]
Bases:
object
Configuration resource used to determine what action should be taken for a specific attribute.
- Parameters
default_action (CryptoAction) – Action to take if no specific action is defined in
attribute_actions
attribute_actions (dict) – Dictionary mapping attribute names to specific actions
- action(attribute_name)[source]
Determine the correct
CryptoAction
to apply to a supplied attribute based on this config.- Parameters
attribute_name (str) – Attribute for which to determine action
- set_index_keys(*keys)[source]
Set the appropriate action for the specified indexed attribute names.
Warning
If you have already set a custom action for any of these attributes, this will raise an error.
Default Action -> Index Key Action DO_NOTHING -> DO_NOTHING SIGN_ONLY -> SIGN_ONLY ENCRYPT_AND_SIGN -> SIGN_ONLY
- Parameters
*keys (str) – Attribute names to treat as indexed
- Raises
InvalidArgumentError – if a custom action was previously set for any specified attributes
- contains_action(action)[source]
Determine if the specified action is a possible action from this configuration.
- Parameters
action (CryptoAction) – Action to look for
- class dynamodb_encryption_sdk.structures.TableIndex(partition: str, sort: Optional[str] = None)[source]
Bases:
object
Describes a table index.
- Parameters
- classmethod from_key_schema(key_schema: Iterable[Dict[str, str]]) dynamodb_encryption_sdk.structures.TableIndex [source]
Build a TableIndex from the key schema returned by DescribeTable.
[ { "KeyType": "HASH"|"RANGE", "AttributeName": "" }, ]
- Parameters
key_schema (list) – KeySchema from DescribeTable response
- Returns
New TableIndex that describes the provided schema
- Return type
- class dynamodb_encryption_sdk.structures.TableInfo(name: str, primary_index: Optional[dynamodb_encryption_sdk.structures.TableIndex] = None, secondary_indexes: Optional[List[dynamodb_encryption_sdk.structures.TableIndex]] = None)[source]
Bases:
object
Describes a DynamoDB table.
- Parameters
name (str) – Table name
all_encrypting_secondary_indexes (bool) – Should we allow secondary index attributes to be encrypted?
primary_index (TableIndex) – Description of primary index
secondary_indexes (list(TableIndex)) – Set of TableIndex objects describing any secondary indexes
- property primary_index
Return the primary TableIndex.
- Returns
primary index description
- Return type
- Raises
AttributeError – if primary index is unknown
- property secondary_indexes
Return the primary TableIndex.
- Returns
secondary index descriptions
- Return type
- Raises
AttributeError – if secondary indexes are unknown
- protected_index_keys() Set[str] [source]
Provide a set containing the names of all indexed attributes that must not be encrypted.
- property encryption_context_values
Build parameters needed to inform an EncryptionContext constructor about this table.
- Return type