AWSKey Type
An Amazon KMS customer master key (CMK).
Remarks
This type represents an Amazon KMS customer master key (CMK).
Fields
accountId String |
The Id of the AWS account that owns the CMK. This property reflects the Id of the AWS account that owns the CMK. |
algorithms String |
A comma-separated list of algorithms that the CMK supports. This property reflects a comma-separated list of algorithms that the CMK supports. If ForSigning is , possible values are:
If ForSigning is , possible values are:
|
arn String |
The Amazon resource name (ARN) of the CMK. This property reflects the Amazon resource name (ARN) of the CMK. |
awsManaged Bool |
Whether the CMK is AWS-managed. This property reflects whether the CMK is AWS-managed () or customer-managed (). |
cloudHSMClusterId String |
The Id of the CloudHSM cluster the CMK's key material resides in, if applicable. If the CMK resides in a custom key store, this property reflects the Id of the CloudHSM that the CMK's key material resides in. |
creationDate String |
The creation date of the CMK. This property reflects the creation date of the CMK, in seconds since the Unix epoch (including fractional seconds). |
customKeyStoreId String |
The Id of the custom key store that the CMK resides in, if applicable. If the CMK resides in a custom key store, this property reflects the Id of said custom key store. |
deletionDate String |
The date at which the CMK will be deleted, if applicable. If the CMK's State is aksPendingDeletion (2), this property will reflect the deletion date, in seconds since the Unix epoch (including fractional seconds). |
description_ String |
The CMK's description. This property reflects the CMK's description. To change a CMK's description, use the UpdateKeyDescription method. |
enabled Bool |
Whether the CMK is enabled. This property reflects whether the CMK is currently enabled. |
expirationDate String |
The date at which the CMK's key material will expire, if applicable. If the CMK's key material Origin is akoExternal (1), and the external key material has an expiration date, this property will reflect said date, in seconds since the Unix epoch (including fractional seconds). |
forSigning Bool |
Whether the CMK is for signing or encryption. This property reflects whether the CMK's usage is signing/verification () or encryption/decryption (). A CMK's usage determines which cryptographic operations it can be used for. For example, a CMK with signing/verification usage can be used for Sign and Verify operations, but not for Encrypt, Decrypt or ReEncrypt operations. |
id String |
The Id of the CMK. This property reflects the Id of the CMK. |
keySpec String |
The key spec of the CMK. This property reflects the key spec of the CMK. For symmetric CMKs, the only possible value is SYMMETRIC_DEFAULT which, according to the Amazon KMS documentation, is based on AES-256-GCM. For asymmetric CMKs, possible values are:
|
origin AWSKeyOrigins |
The origin of the CMK's key material. This property reflects the origin of the CMK's key material. Possible values are:
|
state AWSKeyStates |
The CMK's state. This property reflects the CMK's state. Possible values are:
|