alicloud.kms.Key
Explore with Pulumi AI
A kms key can help user to protect data security in the transmission process. For information about Alikms Key and how to use it, see What is Resource Alikms Key.
NOTE: Available since v1.85.0.
Example Usage
Basic Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var key = new AliCloud.Kms.Key("key", new()
{
Description = "Hello KMS",
PendingWindowInDays = 7,
Status = "Enabled",
});
});
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKey(ctx, "key", &kms.KeyArgs{
Description: pulumi.String("Hello KMS"),
PendingWindowInDays: pulumi.Int(7),
Status: pulumi.String("Enabled"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.Key;
import com.pulumi.alicloud.kms.KeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var key = new Key("key", KeyArgs.builder()
.description("Hello KMS")
.pendingWindowInDays("7")
.status("Enabled")
.build());
}
}
import pulumi
import pulumi_alicloud as alicloud
key = alicloud.kms.Key("key",
description="Hello KMS",
pending_window_in_days=7,
status="Enabled")
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const key = new alicloud.kms.Key("key", {
description: "Hello KMS",
pendingWindowInDays: 7,
status: "Enabled",
});
resources:
key:
type: alicloud:kms:Key
properties:
description: Hello KMS
pendingWindowInDays: '7'
status: Enabled
Create Key Resource
new Key(name: string, args?: KeyArgs, opts?: CustomResourceOptions);
@overload
def Key(resource_name: str,
opts: Optional[ResourceOptions] = None,
automatic_rotation: Optional[str] = None,
deletion_window_in_days: Optional[int] = None,
description: Optional[str] = None,
dkms_instance_id: Optional[str] = None,
is_enabled: Optional[bool] = None,
key_spec: Optional[str] = None,
key_state: Optional[str] = None,
key_usage: Optional[str] = None,
origin: Optional[str] = None,
pending_window_in_days: Optional[int] = None,
protection_level: Optional[str] = None,
rotation_interval: Optional[str] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None)
@overload
def Key(resource_name: str,
args: Optional[KeyArgs] = None,
opts: Optional[ResourceOptions] = None)
func NewKey(ctx *Context, name string, args *KeyArgs, opts ...ResourceOption) (*Key, error)
public Key(string name, KeyArgs? args = null, CustomResourceOptions? opts = null)
type: alicloud:kms:Key
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Key Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Key resource accepts the following input properties:
- Automatic
Rotation string Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- Deletion
Window intIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- Description string
The description of the CMK. The description can be 0 to 8,192 characters in length.
- Dkms
Instance stringId The instance ID of the exclusive KMS instance.
- Is
Enabled bool Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- Key
Spec string The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- Key
Status string Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- Key
Usage string The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- Origin string
The source of key material. Default value:
Aliyun_KMS
. Valid values:- Pending
Window intIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- Protection
Level string The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- Rotation
Interval string The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- Status string
The status of CMK. Default value:
Enabled
. Valid Values:- Dictionary<string, object>
A mapping of tags to assign to the resource.
- Automatic
Rotation string Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- Deletion
Window intIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- Description string
The description of the CMK. The description can be 0 to 8,192 characters in length.
- Dkms
Instance stringId The instance ID of the exclusive KMS instance.
- Is
Enabled bool Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- Key
Spec string The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- Key
State string Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- Key
Usage string The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- Origin string
The source of key material. Default value:
Aliyun_KMS
. Valid values:- Pending
Window intIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- Protection
Level string The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- Rotation
Interval string The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- Status string
The status of CMK. Default value:
Enabled
. Valid Values:- map[string]interface{}
A mapping of tags to assign to the resource.
- automatic
Rotation String Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- deletion
Window IntegerIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description String
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms
Instance StringId The instance ID of the exclusive KMS instance.
- is
Enabled Boolean Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key
Spec String The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key
State String Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key
Usage String The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- origin String
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending
Window IntegerIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- protection
Level String The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation
Interval String The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status String
The status of CMK. Default value:
Enabled
. Valid Values:- Map<String,Object>
A mapping of tags to assign to the resource.
- automatic
Rotation string Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- deletion
Window numberIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description string
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms
Instance stringId The instance ID of the exclusive KMS instance.
- is
Enabled boolean Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key
Spec string The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key
State string Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key
Usage string The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- origin string
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending
Window numberIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- protection
Level string The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation
Interval string The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status string
The status of CMK. Default value:
Enabled
. Valid Values:- {[key: string]: any}
A mapping of tags to assign to the resource.
- automatic_
rotation str Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- deletion_
window_ intin_ days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description str
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms_
instance_ strid The instance ID of the exclusive KMS instance.
- is_
enabled bool Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key_
spec str The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key_
state str Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key_
usage str The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- origin str
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending_
window_ intin_ days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- protection_
level str The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation_
interval str The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status str
The status of CMK. Default value:
Enabled
. Valid Values:- Mapping[str, Any]
A mapping of tags to assign to the resource.
- automatic
Rotation String Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- deletion
Window NumberIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description String
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms
Instance StringId The instance ID of the exclusive KMS instance.
- is
Enabled Boolean Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key
Spec String The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key
State String Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key
Usage String The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- origin String
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending
Window NumberIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- protection
Level String The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation
Interval String The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status String
The status of CMK. Default value:
Enabled
. Valid Values:- Map<Any>
A mapping of tags to assign to the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the Key resource produces the following output properties:
- Arn string
The Alicloud Resource Name (ARN) of the key.
- Creation
Date string The date and time when the CMK was created. The time is displayed in UTC.
- Creator string
The creator of the CMK.
- Delete
Date string The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- Id string
The provider-assigned unique ID for this managed resource.
- Last
Rotation stringDate The date and time the last rotation was performed. The time is displayed in UTC.
- Material
Expire stringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- Next
Rotation stringDate The time the next rotation is scheduled for execution.
- Primary
Key stringVersion The ID of the current primary key version of the symmetric CMK.
- Arn string
The Alicloud Resource Name (ARN) of the key.
- Creation
Date string The date and time when the CMK was created. The time is displayed in UTC.
- Creator string
The creator of the CMK.
- Delete
Date string The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- Id string
The provider-assigned unique ID for this managed resource.
- Last
Rotation stringDate The date and time the last rotation was performed. The time is displayed in UTC.
- Material
Expire stringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- Next
Rotation stringDate The time the next rotation is scheduled for execution.
- Primary
Key stringVersion The ID of the current primary key version of the symmetric CMK.
- arn String
The Alicloud Resource Name (ARN) of the key.
- creation
Date String The date and time when the CMK was created. The time is displayed in UTC.
- creator String
The creator of the CMK.
- delete
Date String The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- id String
The provider-assigned unique ID for this managed resource.
- last
Rotation StringDate The date and time the last rotation was performed. The time is displayed in UTC.
- material
Expire StringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next
Rotation StringDate The time the next rotation is scheduled for execution.
- primary
Key StringVersion The ID of the current primary key version of the symmetric CMK.
- arn string
The Alicloud Resource Name (ARN) of the key.
- creation
Date string The date and time when the CMK was created. The time is displayed in UTC.
- creator string
The creator of the CMK.
- delete
Date string The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- id string
The provider-assigned unique ID for this managed resource.
- last
Rotation stringDate The date and time the last rotation was performed. The time is displayed in UTC.
- material
Expire stringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next
Rotation stringDate The time the next rotation is scheduled for execution.
- primary
Key stringVersion The ID of the current primary key version of the symmetric CMK.
- arn str
The Alicloud Resource Name (ARN) of the key.
- creation_
date str The date and time when the CMK was created. The time is displayed in UTC.
- creator str
The creator of the CMK.
- delete_
date str The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- id str
The provider-assigned unique ID for this managed resource.
- last_
rotation_ strdate The date and time the last rotation was performed. The time is displayed in UTC.
- material_
expire_ strtime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next_
rotation_ strdate The time the next rotation is scheduled for execution.
- primary_
key_ strversion The ID of the current primary key version of the symmetric CMK.
- arn String
The Alicloud Resource Name (ARN) of the key.
- creation
Date String The date and time when the CMK was created. The time is displayed in UTC.
- creator String
The creator of the CMK.
- delete
Date String The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- id String
The provider-assigned unique ID for this managed resource.
- last
Rotation StringDate The date and time the last rotation was performed. The time is displayed in UTC.
- material
Expire StringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next
Rotation StringDate The time the next rotation is scheduled for execution.
- primary
Key StringVersion The ID of the current primary key version of the symmetric CMK.
Look up Existing Key Resource
Get an existing Key resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: KeyState, opts?: CustomResourceOptions): Key
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
automatic_rotation: Optional[str] = None,
creation_date: Optional[str] = None,
creator: Optional[str] = None,
delete_date: Optional[str] = None,
deletion_window_in_days: Optional[int] = None,
description: Optional[str] = None,
dkms_instance_id: Optional[str] = None,
is_enabled: Optional[bool] = None,
key_spec: Optional[str] = None,
key_state: Optional[str] = None,
key_usage: Optional[str] = None,
last_rotation_date: Optional[str] = None,
material_expire_time: Optional[str] = None,
next_rotation_date: Optional[str] = None,
origin: Optional[str] = None,
pending_window_in_days: Optional[int] = None,
primary_key_version: Optional[str] = None,
protection_level: Optional[str] = None,
rotation_interval: Optional[str] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None) -> Key
func GetKey(ctx *Context, name string, id IDInput, state *KeyState, opts ...ResourceOption) (*Key, error)
public static Key Get(string name, Input<string> id, KeyState? state, CustomResourceOptions? opts = null)
public static Key get(String name, Output<String> id, KeyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
The Alicloud Resource Name (ARN) of the key.
- Automatic
Rotation string Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- Creation
Date string The date and time when the CMK was created. The time is displayed in UTC.
- Creator string
The creator of the CMK.
- Delete
Date string The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- Deletion
Window intIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- Description string
The description of the CMK. The description can be 0 to 8,192 characters in length.
- Dkms
Instance stringId The instance ID of the exclusive KMS instance.
- Is
Enabled bool Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- Key
Spec string The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- Key
Status string Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- Key
Usage string The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- Last
Rotation stringDate The date and time the last rotation was performed. The time is displayed in UTC.
- Material
Expire stringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- Next
Rotation stringDate The time the next rotation is scheduled for execution.
- Origin string
The source of key material. Default value:
Aliyun_KMS
. Valid values:- Pending
Window intIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- Primary
Key stringVersion The ID of the current primary key version of the symmetric CMK.
- Protection
Level string The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- Rotation
Interval string The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- Status string
The status of CMK. Default value:
Enabled
. Valid Values:- Dictionary<string, object>
A mapping of tags to assign to the resource.
- Arn string
The Alicloud Resource Name (ARN) of the key.
- Automatic
Rotation string Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- Creation
Date string The date and time when the CMK was created. The time is displayed in UTC.
- Creator string
The creator of the CMK.
- Delete
Date string The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- Deletion
Window intIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- Description string
The description of the CMK. The description can be 0 to 8,192 characters in length.
- Dkms
Instance stringId The instance ID of the exclusive KMS instance.
- Is
Enabled bool Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- Key
Spec string The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- Key
State string Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- Key
Usage string The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- Last
Rotation stringDate The date and time the last rotation was performed. The time is displayed in UTC.
- Material
Expire stringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- Next
Rotation stringDate The time the next rotation is scheduled for execution.
- Origin string
The source of key material. Default value:
Aliyun_KMS
. Valid values:- Pending
Window intIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- Primary
Key stringVersion The ID of the current primary key version of the symmetric CMK.
- Protection
Level string The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- Rotation
Interval string The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- Status string
The status of CMK. Default value:
Enabled
. Valid Values:- map[string]interface{}
A mapping of tags to assign to the resource.
- arn String
The Alicloud Resource Name (ARN) of the key.
- automatic
Rotation String Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- creation
Date String The date and time when the CMK was created. The time is displayed in UTC.
- creator String
The creator of the CMK.
- delete
Date String The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- deletion
Window IntegerIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description String
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms
Instance StringId The instance ID of the exclusive KMS instance.
- is
Enabled Boolean Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key
Spec String The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key
State String Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key
Usage String The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- last
Rotation StringDate The date and time the last rotation was performed. The time is displayed in UTC.
- material
Expire StringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next
Rotation StringDate The time the next rotation is scheduled for execution.
- origin String
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending
Window IntegerIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- primary
Key StringVersion The ID of the current primary key version of the symmetric CMK.
- protection
Level String The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation
Interval String The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status String
The status of CMK. Default value:
Enabled
. Valid Values:- Map<String,Object>
A mapping of tags to assign to the resource.
- arn string
The Alicloud Resource Name (ARN) of the key.
- automatic
Rotation string Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- creation
Date string The date and time when the CMK was created. The time is displayed in UTC.
- creator string
The creator of the CMK.
- delete
Date string The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- deletion
Window numberIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description string
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms
Instance stringId The instance ID of the exclusive KMS instance.
- is
Enabled boolean Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key
Spec string The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key
State string Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key
Usage string The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- last
Rotation stringDate The date and time the last rotation was performed. The time is displayed in UTC.
- material
Expire stringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next
Rotation stringDate The time the next rotation is scheduled for execution.
- origin string
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending
Window numberIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- primary
Key stringVersion The ID of the current primary key version of the symmetric CMK.
- protection
Level string The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation
Interval string The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status string
The status of CMK. Default value:
Enabled
. Valid Values:- {[key: string]: any}
A mapping of tags to assign to the resource.
- arn str
The Alicloud Resource Name (ARN) of the key.
- automatic_
rotation str Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- creation_
date str The date and time when the CMK was created. The time is displayed in UTC.
- creator str
The creator of the CMK.
- delete_
date str The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- deletion_
window_ intin_ days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description str
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms_
instance_ strid The instance ID of the exclusive KMS instance.
- is_
enabled bool Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key_
spec str The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key_
state str Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key_
usage str The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- last_
rotation_ strdate The date and time the last rotation was performed. The time is displayed in UTC.
- material_
expire_ strtime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next_
rotation_ strdate The time the next rotation is scheduled for execution.
- origin str
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending_
window_ intin_ days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- primary_
key_ strversion The ID of the current primary key version of the symmetric CMK.
- protection_
level str The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation_
interval str The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status str
The status of CMK. Default value:
Enabled
. Valid Values:- Mapping[str, Any]
A mapping of tags to assign to the resource.
- arn String
The Alicloud Resource Name (ARN) of the key.
- automatic
Rotation String Specifies whether to enable automatic key rotation. Default value:
Disabled
. Valid values:- creation
Date String The date and time when the CMK was created. The time is displayed in UTC.
- creator String
The creator of the CMK.
- delete
Date String The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
- deletion
Window NumberIn Days Field
deletion_window_in_days
has been deprecated from provider version 1.85.0. New fieldpending_window_in_days
instead.Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
- description String
The description of the CMK. The description can be 0 to 8,192 characters in length.
- dkms
Instance StringId The instance ID of the exclusive KMS instance.
- is
Enabled Boolean Field
is_enabled
has been deprecated from provider version 1.85.0. New fieldstatus
instead.Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
- key
Spec String The type of the CMK. Default value:
Aliyun_AES_256
. Valid values:Aliyun_AES_256
,Aliyun_AES_128
,Aliyun_AES_192
,Aliyun_SM4
,RSA_2048
,RSA_3072
,EC_P256
,EC_P256K
,EC_SM2
. Note: The default type of the CMK isAliyun_AES_256
. Only Dedicated KMS supportsAliyun_AES_128
andAliyun_AES_192
.- key
State String Field
key_state
has been deprecated from provider version 1.123.1. New fieldstatus
instead.Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
- key
Usage String The usage of the CMK. Default value:
ENCRYPT/DECRYPT
. Valid values:ENCRYPT/DECRYPT
: encrypts or decrypts data.SIGN/VERIFY
: generates or verifies a digital signature.
- last
Rotation StringDate The date and time the last rotation was performed. The time is displayed in UTC.
- material
Expire StringTime The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
- next
Rotation StringDate The time the next rotation is scheduled for execution.
- origin String
The source of key material. Default value:
Aliyun_KMS
. Valid values:- pending
Window NumberIn Days The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. NOTE: From version 1.184.0,
pending_window_in_days
can be set to366
.- primary
Key StringVersion The ID of the current primary key version of the symmetric CMK.
- protection
Level String The protection level of the CMK. Default value:
SOFTWARE
. Valid values:- rotation
Interval String The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. NOTE: It is Required when
automatic_rotation = "Enabled"
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
- status String
The status of CMK. Default value:
Enabled
. Valid Values:- Map<Any>
A mapping of tags to assign to the resource.
Import
Alikms key can be imported using the id, e.g.
$ pulumi import alicloud:kms/key:Key example <id>
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
alicloud
Terraform Provider.