1. Packages
  2. AWS Classic
  3. API Docs
  4. ebs
  5. getDefaultKmsKey

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.30.0 published on Thursday, Apr 11, 2024 by Pulumi

aws.ebs.getDefaultKmsKey

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.30.0 published on Thursday, Apr 11, 2024 by Pulumi

    Use this data source to get the default EBS encryption KMS key in the current region.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const current = aws.ebs.getDefaultKmsKey({});
    const example = new aws.ebs.Volume("example", {
        availabilityZone: "us-west-2a",
        encrypted: true,
        kmsKeyId: current.then(current => current.keyArn),
    });
    
    import pulumi
    import pulumi_aws as aws
    
    current = aws.ebs.get_default_kms_key()
    example = aws.ebs.Volume("example",
        availability_zone="us-west-2a",
        encrypted=True,
        kms_key_id=current.key_arn)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		current, err := ebs.LookupDefaultKmsKey(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		_, err = ebs.NewVolume(ctx, "example", &ebs.VolumeArgs{
    			AvailabilityZone: pulumi.String("us-west-2a"),
    			Encrypted:        pulumi.Bool(true),
    			KmsKeyId:         pulumi.String(current.KeyArn),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var current = Aws.Ebs.GetDefaultKmsKey.Invoke();
    
        var example = new Aws.Ebs.Volume("example", new()
        {
            AvailabilityZone = "us-west-2a",
            Encrypted = true,
            KmsKeyId = current.Apply(getDefaultKmsKeyResult => getDefaultKmsKeyResult.KeyArn),
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ebs.EbsFunctions;
    import com.pulumi.aws.ebs.Volume;
    import com.pulumi.aws.ebs.VolumeArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var current = EbsFunctions.getDefaultKmsKey();
    
            var example = new Volume("example", VolumeArgs.builder()        
                .availabilityZone("us-west-2a")
                .encrypted(true)
                .kmsKeyId(current.applyValue(getDefaultKmsKeyResult -> getDefaultKmsKeyResult.keyArn()))
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:ebs:Volume
        properties:
          availabilityZone: us-west-2a
          encrypted: true
          kmsKeyId: ${current.keyArn}
    variables:
      current:
        fn::invoke:
          Function: aws:ebs:getDefaultKmsKey
          Arguments: {}
    

    Using getDefaultKmsKey

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getDefaultKmsKey(opts?: InvokeOptions): Promise<GetDefaultKmsKeyResult>
    function getDefaultKmsKeyOutput(opts?: InvokeOptions): Output<GetDefaultKmsKeyResult>
    def get_default_kms_key(opts: Optional[InvokeOptions] = None) -> GetDefaultKmsKeyResult
    def get_default_kms_key_output(opts: Optional[InvokeOptions] = None) -> Output[GetDefaultKmsKeyResult]
    func LookupDefaultKmsKey(ctx *Context, opts ...InvokeOption) (*LookupDefaultKmsKeyResult, error)
    func LookupDefaultKmsKeyOutput(ctx *Context, opts ...InvokeOption) LookupDefaultKmsKeyResultOutput

    > Note: This function is named LookupDefaultKmsKey in the Go SDK.

    public static class GetDefaultKmsKey 
    {
        public static Task<GetDefaultKmsKeyResult> InvokeAsync(InvokeOptions? opts = null)
        public static Output<GetDefaultKmsKeyResult> Invoke(InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetDefaultKmsKeyResult> getDefaultKmsKey(InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:ebs/getDefaultKmsKey:getDefaultKmsKey
      arguments:
        # arguments dictionary

    getDefaultKmsKey Result

    The following output properties are available:

    Id string
    The provider-assigned unique ID for this managed resource.
    KeyArn string
    ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyArn string
    ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.
    id String
    The provider-assigned unique ID for this managed resource.
    keyArn String
    ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.
    id string
    The provider-assigned unique ID for this managed resource.
    keyArn string
    ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.
    id str
    The provider-assigned unique ID for this managed resource.
    key_arn str
    ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.
    id String
    The provider-assigned unique ID for this managed resource.
    keyArn String
    ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.30.0 published on Thursday, Apr 11, 2024 by Pulumi