Docs Home
AWS v6.83.0 published on Monday, Jun 16, 2025 by Pulumi
aws.ebs.getDefaultKmsKey
Explore with Pulumi AI
Use this data source to get the default EBS encryption KMS key in the current region.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = aws.ebs.getDefaultKmsKey({});
const example = new aws.ebs.Volume("example", {
availabilityZone: "us-west-2a",
encrypted: true,
kmsKeyId: current.then(current => current.keyArn),
});
import pulumi
import pulumi_aws as aws
current = aws.ebs.get_default_kms_key()
example = aws.ebs.Volume("example",
availability_zone="us-west-2a",
encrypted=True,
kms_key_id=current.key_arn)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := ebs.LookupDefaultKmsKey(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
_, err = ebs.NewVolume(ctx, "example", &ebs.VolumeArgs{
AvailabilityZone: pulumi.String("us-west-2a"),
Encrypted: pulumi.Bool(true),
KmsKeyId: pulumi.String(current.KeyArn),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var current = Aws.Ebs.GetDefaultKmsKey.Invoke();
var example = new Aws.Ebs.Volume("example", new()
{
AvailabilityZone = "us-west-2a",
Encrypted = true,
KmsKeyId = current.Apply(getDefaultKmsKeyResult => getDefaultKmsKeyResult.KeyArn),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ebs.EbsFunctions;
import com.pulumi.aws.ebs.Volume;
import com.pulumi.aws.ebs.VolumeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = EbsFunctions.getDefaultKmsKey(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);
var example = new Volume("example", VolumeArgs.builder()
.availabilityZone("us-west-2a")
.encrypted(true)
.kmsKeyId(current.keyArn())
.build());
}
}
resources:
example:
type: aws:ebs:Volume
properties:
availabilityZone: us-west-2a
encrypted: true
kmsKeyId: ${current.keyArn}
variables:
current:
fn::invoke:
function: aws:ebs:getDefaultKmsKey
arguments: {}
Using getDefaultKmsKey
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getDefaultKmsKey(opts?: InvokeOptions): Promise<GetDefaultKmsKeyResult>
function getDefaultKmsKeyOutput(opts?: InvokeOptions): Output<GetDefaultKmsKeyResult>def get_default_kms_key(opts: Optional[InvokeOptions] = None) -> GetDefaultKmsKeyResult
def get_default_kms_key_output(opts: Optional[InvokeOptions] = None) -> Output[GetDefaultKmsKeyResult]func LookupDefaultKmsKey(ctx *Context, opts ...InvokeOption) (*LookupDefaultKmsKeyResult, error)
func LookupDefaultKmsKeyOutput(ctx *Context, opts ...InvokeOption) LookupDefaultKmsKeyResultOutput> Note: This function is named LookupDefaultKmsKey in the Go SDK.
public static class GetDefaultKmsKey
{
public static Task<GetDefaultKmsKeyResult> InvokeAsync(InvokeOptions? opts = null)
public static Output<GetDefaultKmsKeyResult> Invoke(InvokeOptions? opts = null)
}public static CompletableFuture<GetDefaultKmsKeyResult> getDefaultKmsKey(InvokeOptions options)
public static Output<GetDefaultKmsKeyResult> getDefaultKmsKey(InvokeOptions options)
fn::invoke:
function: aws:ebs/getDefaultKmsKey:getDefaultKmsKey
arguments:
# arguments dictionarygetDefaultKmsKey Result
The following output properties are available:
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.