1. Packages
  2. Alibaba Cloud
  3. API Docs
  4. kms
  5. Key
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

alicloud.kms.Key

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

    A kms key can help user to protect data security in the transmission process. For information about Alikms Key and how to use it, see What is Resource Alikms Key.

    NOTE: Available since v1.85.0.

    Example Usage

    Basic Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        var key = new AliCloud.Kms.Key("key", new()
        {
            Description = "Hello KMS",
            PendingWindowInDays = 7,
            Status = "Enabled",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := kms.NewKey(ctx, "key", &kms.KeyArgs{
    			Description:         pulumi.String("Hello KMS"),
    			PendingWindowInDays: pulumi.Int(7),
    			Status:              pulumi.String("Enabled"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.kms.Key;
    import com.pulumi.alicloud.kms.KeyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var key = new Key("key", KeyArgs.builder()        
                .description("Hello KMS")
                .pendingWindowInDays("7")
                .status("Enabled")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    key = alicloud.kms.Key("key",
        description="Hello KMS",
        pending_window_in_days=7,
        status="Enabled")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    const key = new alicloud.kms.Key("key", {
        description: "Hello KMS",
        pendingWindowInDays: 7,
        status: "Enabled",
    });
    
    resources:
      key:
        type: alicloud:kms:Key
        properties:
          description: Hello KMS
          pendingWindowInDays: '7'
          status: Enabled
    

    Create Key Resource

    new Key(name: string, args?: KeyArgs, opts?: CustomResourceOptions);
    @overload
    def Key(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            automatic_rotation: Optional[str] = None,
            deletion_window_in_days: Optional[int] = None,
            description: Optional[str] = None,
            dkms_instance_id: Optional[str] = None,
            is_enabled: Optional[bool] = None,
            key_spec: Optional[str] = None,
            key_state: Optional[str] = None,
            key_usage: Optional[str] = None,
            origin: Optional[str] = None,
            pending_window_in_days: Optional[int] = None,
            protection_level: Optional[str] = None,
            rotation_interval: Optional[str] = None,
            status: Optional[str] = None,
            tags: Optional[Mapping[str, Any]] = None)
    @overload
    def Key(resource_name: str,
            args: Optional[KeyArgs] = None,
            opts: Optional[ResourceOptions] = None)
    func NewKey(ctx *Context, name string, args *KeyArgs, opts ...ResourceOption) (*Key, error)
    public Key(string name, KeyArgs? args = null, CustomResourceOptions? opts = null)
    public Key(String name, KeyArgs args)
    public Key(String name, KeyArgs args, CustomResourceOptions options)
    
    type: alicloud:kms:Key
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Key Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Key resource accepts the following input properties:

    AutomaticRotation string

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    DeletionWindowInDays int

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    Description string

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    DkmsInstanceId string

    The instance ID of the exclusive KMS instance.

    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    KeySpec string

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    KeyStatus string

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    KeyUsage string

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    Origin string

    The source of key material. Default value: Aliyun_KMS. Valid values:

    PendingWindowInDays int

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    ProtectionLevel string

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    RotationInterval string

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Status string

    The status of CMK. Default value: Enabled. Valid Values:

    Tags Dictionary<string, object>

    A mapping of tags to assign to the resource.

    AutomaticRotation string

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    DeletionWindowInDays int

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    Description string

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    DkmsInstanceId string

    The instance ID of the exclusive KMS instance.

    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    KeySpec string

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    KeyState string

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    KeyUsage string

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    Origin string

    The source of key material. Default value: Aliyun_KMS. Valid values:

    PendingWindowInDays int

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    ProtectionLevel string

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    RotationInterval string

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Status string

    The status of CMK. Default value: Enabled. Valid Values:

    Tags map[string]interface{}

    A mapping of tags to assign to the resource.

    automaticRotation String

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    deletionWindowInDays Integer

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description String

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkmsInstanceId String

    The instance ID of the exclusive KMS instance.

    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    keySpec String

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    keyState String

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    keyUsage String

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    origin String

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pendingWindowInDays Integer

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    protectionLevel String

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotationInterval String

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status String

    The status of CMK. Default value: Enabled. Valid Values:

    tags Map<String,Object>

    A mapping of tags to assign to the resource.

    automaticRotation string

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    deletionWindowInDays number

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description string

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkmsInstanceId string

    The instance ID of the exclusive KMS instance.

    isEnabled boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    keySpec string

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    keyState string

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    keyUsage string

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    origin string

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pendingWindowInDays number

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    protectionLevel string

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotationInterval string

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status string

    The status of CMK. Default value: Enabled. Valid Values:

    tags {[key: string]: any}

    A mapping of tags to assign to the resource.

    automatic_rotation str

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    deletion_window_in_days int

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description str

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkms_instance_id str

    The instance ID of the exclusive KMS instance.

    is_enabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    key_spec str

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    key_state str

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    key_usage str

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    origin str

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pending_window_in_days int

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    protection_level str

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotation_interval str

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status str

    The status of CMK. Default value: Enabled. Valid Values:

    tags Mapping[str, Any]

    A mapping of tags to assign to the resource.

    automaticRotation String

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    deletionWindowInDays Number

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description String

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkmsInstanceId String

    The instance ID of the exclusive KMS instance.

    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    keySpec String

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    keyState String

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    keyUsage String

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    origin String

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pendingWindowInDays Number

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    protectionLevel String

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotationInterval String

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status String

    The status of CMK. Default value: Enabled. Valid Values:

    tags Map<Any>

    A mapping of tags to assign to the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Key resource produces the following output properties:

    Arn string

    The Alicloud Resource Name (ARN) of the key.

    CreationDate string

    The date and time when the CMK was created. The time is displayed in UTC.

    Creator string

    The creator of the CMK.

    DeleteDate string

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    Id string

    The provider-assigned unique ID for this managed resource.

    LastRotationDate string

    The date and time the last rotation was performed. The time is displayed in UTC.

    MaterialExpireTime string

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    NextRotationDate string

    The time the next rotation is scheduled for execution.

    PrimaryKeyVersion string

    The ID of the current primary key version of the symmetric CMK.

    Arn string

    The Alicloud Resource Name (ARN) of the key.

    CreationDate string

    The date and time when the CMK was created. The time is displayed in UTC.

    Creator string

    The creator of the CMK.

    DeleteDate string

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    Id string

    The provider-assigned unique ID for this managed resource.

    LastRotationDate string

    The date and time the last rotation was performed. The time is displayed in UTC.

    MaterialExpireTime string

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    NextRotationDate string

    The time the next rotation is scheduled for execution.

    PrimaryKeyVersion string

    The ID of the current primary key version of the symmetric CMK.

    arn String

    The Alicloud Resource Name (ARN) of the key.

    creationDate String

    The date and time when the CMK was created. The time is displayed in UTC.

    creator String

    The creator of the CMK.

    deleteDate String

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    id String

    The provider-assigned unique ID for this managed resource.

    lastRotationDate String

    The date and time the last rotation was performed. The time is displayed in UTC.

    materialExpireTime String

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    nextRotationDate String

    The time the next rotation is scheduled for execution.

    primaryKeyVersion String

    The ID of the current primary key version of the symmetric CMK.

    arn string

    The Alicloud Resource Name (ARN) of the key.

    creationDate string

    The date and time when the CMK was created. The time is displayed in UTC.

    creator string

    The creator of the CMK.

    deleteDate string

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    id string

    The provider-assigned unique ID for this managed resource.

    lastRotationDate string

    The date and time the last rotation was performed. The time is displayed in UTC.

    materialExpireTime string

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    nextRotationDate string

    The time the next rotation is scheduled for execution.

    primaryKeyVersion string

    The ID of the current primary key version of the symmetric CMK.

    arn str

    The Alicloud Resource Name (ARN) of the key.

    creation_date str

    The date and time when the CMK was created. The time is displayed in UTC.

    creator str

    The creator of the CMK.

    delete_date str

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    id str

    The provider-assigned unique ID for this managed resource.

    last_rotation_date str

    The date and time the last rotation was performed. The time is displayed in UTC.

    material_expire_time str

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    next_rotation_date str

    The time the next rotation is scheduled for execution.

    primary_key_version str

    The ID of the current primary key version of the symmetric CMK.

    arn String

    The Alicloud Resource Name (ARN) of the key.

    creationDate String

    The date and time when the CMK was created. The time is displayed in UTC.

    creator String

    The creator of the CMK.

    deleteDate String

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    id String

    The provider-assigned unique ID for this managed resource.

    lastRotationDate String

    The date and time the last rotation was performed. The time is displayed in UTC.

    materialExpireTime String

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    nextRotationDate String

    The time the next rotation is scheduled for execution.

    primaryKeyVersion String

    The ID of the current primary key version of the symmetric CMK.

    Look up Existing Key Resource

    Get an existing Key resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: KeyState, opts?: CustomResourceOptions): Key
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            automatic_rotation: Optional[str] = None,
            creation_date: Optional[str] = None,
            creator: Optional[str] = None,
            delete_date: Optional[str] = None,
            deletion_window_in_days: Optional[int] = None,
            description: Optional[str] = None,
            dkms_instance_id: Optional[str] = None,
            is_enabled: Optional[bool] = None,
            key_spec: Optional[str] = None,
            key_state: Optional[str] = None,
            key_usage: Optional[str] = None,
            last_rotation_date: Optional[str] = None,
            material_expire_time: Optional[str] = None,
            next_rotation_date: Optional[str] = None,
            origin: Optional[str] = None,
            pending_window_in_days: Optional[int] = None,
            primary_key_version: Optional[str] = None,
            protection_level: Optional[str] = None,
            rotation_interval: Optional[str] = None,
            status: Optional[str] = None,
            tags: Optional[Mapping[str, Any]] = None) -> Key
    func GetKey(ctx *Context, name string, id IDInput, state *KeyState, opts ...ResourceOption) (*Key, error)
    public static Key Get(string name, Input<string> id, KeyState? state, CustomResourceOptions? opts = null)
    public static Key get(String name, Output<String> id, KeyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string

    The Alicloud Resource Name (ARN) of the key.

    AutomaticRotation string

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    CreationDate string

    The date and time when the CMK was created. The time is displayed in UTC.

    Creator string

    The creator of the CMK.

    DeleteDate string

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    DeletionWindowInDays int

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    Description string

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    DkmsInstanceId string

    The instance ID of the exclusive KMS instance.

    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    KeySpec string

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    KeyStatus string

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    KeyUsage string

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    LastRotationDate string

    The date and time the last rotation was performed. The time is displayed in UTC.

    MaterialExpireTime string

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    NextRotationDate string

    The time the next rotation is scheduled for execution.

    Origin string

    The source of key material. Default value: Aliyun_KMS. Valid values:

    PendingWindowInDays int

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    PrimaryKeyVersion string

    The ID of the current primary key version of the symmetric CMK.

    ProtectionLevel string

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    RotationInterval string

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Status string

    The status of CMK. Default value: Enabled. Valid Values:

    Tags Dictionary<string, object>

    A mapping of tags to assign to the resource.

    Arn string

    The Alicloud Resource Name (ARN) of the key.

    AutomaticRotation string

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    CreationDate string

    The date and time when the CMK was created. The time is displayed in UTC.

    Creator string

    The creator of the CMK.

    DeleteDate string

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    DeletionWindowInDays int

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    Description string

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    DkmsInstanceId string

    The instance ID of the exclusive KMS instance.

    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    KeySpec string

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    KeyState string

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    KeyUsage string

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    LastRotationDate string

    The date and time the last rotation was performed. The time is displayed in UTC.

    MaterialExpireTime string

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    NextRotationDate string

    The time the next rotation is scheduled for execution.

    Origin string

    The source of key material. Default value: Aliyun_KMS. Valid values:

    PendingWindowInDays int

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    PrimaryKeyVersion string

    The ID of the current primary key version of the symmetric CMK.

    ProtectionLevel string

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    RotationInterval string

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Status string

    The status of CMK. Default value: Enabled. Valid Values:

    Tags map[string]interface{}

    A mapping of tags to assign to the resource.

    arn String

    The Alicloud Resource Name (ARN) of the key.

    automaticRotation String

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    creationDate String

    The date and time when the CMK was created. The time is displayed in UTC.

    creator String

    The creator of the CMK.

    deleteDate String

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    deletionWindowInDays Integer

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description String

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkmsInstanceId String

    The instance ID of the exclusive KMS instance.

    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    keySpec String

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    keyState String

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    keyUsage String

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    lastRotationDate String

    The date and time the last rotation was performed. The time is displayed in UTC.

    materialExpireTime String

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    nextRotationDate String

    The time the next rotation is scheduled for execution.

    origin String

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pendingWindowInDays Integer

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    primaryKeyVersion String

    The ID of the current primary key version of the symmetric CMK.

    protectionLevel String

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotationInterval String

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status String

    The status of CMK. Default value: Enabled. Valid Values:

    tags Map<String,Object>

    A mapping of tags to assign to the resource.

    arn string

    The Alicloud Resource Name (ARN) of the key.

    automaticRotation string

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    creationDate string

    The date and time when the CMK was created. The time is displayed in UTC.

    creator string

    The creator of the CMK.

    deleteDate string

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    deletionWindowInDays number

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description string

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkmsInstanceId string

    The instance ID of the exclusive KMS instance.

    isEnabled boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    keySpec string

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    keyState string

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    keyUsage string

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    lastRotationDate string

    The date and time the last rotation was performed. The time is displayed in UTC.

    materialExpireTime string

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    nextRotationDate string

    The time the next rotation is scheduled for execution.

    origin string

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pendingWindowInDays number

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    primaryKeyVersion string

    The ID of the current primary key version of the symmetric CMK.

    protectionLevel string

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotationInterval string

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status string

    The status of CMK. Default value: Enabled. Valid Values:

    tags {[key: string]: any}

    A mapping of tags to assign to the resource.

    arn str

    The Alicloud Resource Name (ARN) of the key.

    automatic_rotation str

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    creation_date str

    The date and time when the CMK was created. The time is displayed in UTC.

    creator str

    The creator of the CMK.

    delete_date str

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    deletion_window_in_days int

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description str

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkms_instance_id str

    The instance ID of the exclusive KMS instance.

    is_enabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    key_spec str

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    key_state str

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    key_usage str

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    last_rotation_date str

    The date and time the last rotation was performed. The time is displayed in UTC.

    material_expire_time str

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    next_rotation_date str

    The time the next rotation is scheduled for execution.

    origin str

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pending_window_in_days int

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    primary_key_version str

    The ID of the current primary key version of the symmetric CMK.

    protection_level str

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotation_interval str

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status str

    The status of CMK. Default value: Enabled. Valid Values:

    tags Mapping[str, Any]

    A mapping of tags to assign to the resource.

    arn String

    The Alicloud Resource Name (ARN) of the key.

    automaticRotation String

    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values:

    creationDate String

    The date and time when the CMK was created. The time is displayed in UTC.

    creator String

    The creator of the CMK.

    deleteDate String

    The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

    deletionWindowInDays Number

    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated:

    Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

    description String

    The description of the CMK. The description can be 0 to 8,192 characters in length.

    dkmsInstanceId String

    The instance ID of the exclusive KMS instance.

    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    Deprecated:

    Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

    keySpec String

    The type of the CMK. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2. Note: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    keyState String

    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated:

    Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

    keyUsage String

    The usage of the CMK. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: encrypts or decrypts data.
    • SIGN/VERIFY: generates or verifies a digital signature.
    lastRotationDate String

    The date and time the last rotation was performed. The time is displayed in UTC.

    materialExpireTime String

    The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

    nextRotationDate String

    The time the next rotation is scheduled for execution.

    origin String

    The source of key material. Default value: Aliyun_KMS. Valid values:

    pendingWindowInDays Number

    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.

    primaryKeyVersion String

    The ID of the current primary key version of the symmetric CMK.

    protectionLevel String

    The protection level of the CMK. Default value: SOFTWARE. Valid values:

    rotationInterval String

    The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when automatic_rotation = "Enabled"

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    status String

    The status of CMK. Default value: Enabled. Valid Values:

    tags Map<Any>

    A mapping of tags to assign to the resource.

    Import

    Alikms key can be imported using the id, e.g.

     $ pulumi import alicloud:kms/key:Key example <id>
    

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the alicloud Terraform Provider.

    alicloud logo
    Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi