policy
Parameters
value
A valid policy JSON document. Although this is a key policy, not an IAM policy, an aws.iam.getPolicyDocument, in the form that designates a principal, can be used. For more information about building policy documents, see the AWS IAM Policy Document Guide.
NOTE: All KMS keys must have a key policy. If a key policy is not specified, or this resource is destroyed, AWS gives the KMS key a default key policy that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.
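The following check is an added example, not part of the provider's documentation or code: it flags key policy statements that, like the default key policy described in the note, grant every KMS operation to the whole owning account. The function name, the account ID, the role name and both sample policies are constructed for illustration.

```python
import json

ACCOUNT_ID = "111122223333"  # constructed sample account ID

def _as_list(value):
    # Policy JSON allows a single string or a list for Action and principals.
    return value if isinstance(value, list) else [value]

def delegating_statements(policy_json, account_id):
    """Return Sids of Allow statements that grant every KMS operation to the
    whole owning account, i.e. that leave access control to IAM and grants."""
    root = {f"arn:aws:iam::{account_id}:root", account_id, "*"}
    hits = []
    for index, stmt in enumerate(_as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Allow" or "Condition" in stmt:
            continue  # conditioned statements need manual review
        principal = stmt.get("Principal", {})
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if actions & {"kms:*", "*"} and root & set(_as_list(aws)):
            hits.append(stmt.get("Sid", f"statement[{index}]"))
    return hits

# Constructed sample: same shape as the default key policy described above.
DEFAULT_STYLE = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "Enable IAM User Permissions",
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_ID}:root"},
        "Action": "kms:*",
        "Resource": "*",
    }],
})

# Constructed sample: designates one principal (hypothetical role name).
SCOPED = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AppEncryptDecrypt",
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_ID}:role/app-encryptor"},
        "Action": ["kms:Encrypt", "kms:Decrypt", "kms:GenerateDataKey"],
        "Resource": "*",
    }],
})

if __name__ == "__main__":
    print(delegating_statements(DEFAULT_STYLE, ACCOUNT_ID))
    print(delegating_statements(SCOPED, ACCOUNT_ID))
```

SCOPED is kept minimal to show the contrast; a key policy used in practice also needs a statement that lets its administrators manage the key.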