pulumi-aws-native-kotlin/com.pulumi.awsnative.kms.kotlin/KmsFunctions/getKey

getKey

suspend fun getKey(argument: GetKeyPlainArgs): GetKeyResult

The `AWS::KMS::Key` resource specifies an KMS key in KMSlong. You can use this resource to create symmetric encryption KMS keys, asymmetric KMS keys for encryption or signing, and symmetric HMAC KMS keys. You can use `AWS::KMS::Key` to create multi-Region primary keys of all supported types. To replicate a multi-Region key, use the `AWS::KMS::ReplicaKey` resource. If you change the value of the `KeySpec`, `KeyUsage`, `Origin`, or `MultiRegion` properties of an existing KMS key, the update request fails, regardless of the value of the UpdateReplacePolicy attribute. This prevents you from accidentally deleting a KMS key by changing any of its immutable property values. KMS replaced the term customer master key (CMK) with ** and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term. You can use symmetric encryption KMS keys to encrypt and decrypt small amounts of data, but they are more commonly used to generate data keys and data key pairs. You can also use a symmetric encryption KMS key to encrypt data stored in AWS services that are integrated with. For more information, see Symmetric encryption KMS keys in the Developer Guide. You can use asymmetric KMS keys to encrypt and decrypt data or sign messages and verify signatures. To create an asymmetric key, you must specify an asymmetric `KeySpec` value and a `KeyUsage` value. For details, see Asymmetric keys in in the Developer Guide. You can use HMAC KMS keys (which are also symmetric keys) to generate and verify hash-based message authentication codes. To create an HMAC key, you must specify an HMAC `KeySpec` value and a `KeyUsage` value of `GENERATE_VERIFY_MAC`. For details, see HMAC keys in in the Developer Guide. You can also create symmetric encryption, asymmetric, and HMAC multi-Region primary keys. To create a multi-Region primary key, set the `MultiRegion` property to `true`. For information about multi-Region keys, see Multi-Region keys in in the Developer Guide. You cannot use the `AWS::KMS::Key` resource to specify a KMS key with imported key material or a KMS key in a custom key store. Regions KMS CloudFormation resources are available in all Regions in which KMS and CFN are supported. You can use the `AWS::KMS::Key` resource to create and manage all KMS key types that are supported in a Region.

Return

null

Parameters

argument

null

suspend fun getKey(keyId: String): GetKeyResult

Return

null

Parameters

keyId

The key ID of the KMS key, such as 1234abcd-12ab-34cd-56ef-1234567890ab . For information about the key ID of a KMS key, see Key ID in the AWS Key Management Service Developer Guide .

See also

.

suspend fun getKey(argument: suspend GetKeyPlainArgsBuilder.() -> Unit): GetKeyResult

Return

null

Parameters

argument

Builder for com.pulumi.awsnative.kms.kotlin.inputs.GetKeyPlainArgs.

See also

.