1. Packages
  2. AWS Classic
  3. API Docs
  4. kms
  5. getKey

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi

aws.kms.getKey

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi

    Use this data source to get detailed information about the specified KMS Key with flexible key id input. This can be useful to reference key alias without having to hard code the ARN as input.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const byAlias = aws.kms.getKey({
        keyId: "alias/my-key",
    });
    const byId = aws.kms.getKey({
        keyId: "1234abcd-12ab-34cd-56ef-1234567890ab",
    });
    const byAliasArn = aws.kms.getKey({
        keyId: "arn:aws:kms:us-east-1:111122223333:alias/my-key",
    });
    const byKeyArn = aws.kms.getKey({
        keyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    by_alias = aws.kms.get_key(key_id="alias/my-key")
    by_id = aws.kms.get_key(key_id="1234abcd-12ab-34cd-56ef-1234567890ab")
    by_alias_arn = aws.kms.get_key(key_id="arn:aws:kms:us-east-1:111122223333:alias/my-key")
    by_key_arn = aws.kms.get_key(key_id="arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := kms.LookupKey(ctx, &kms.LookupKeyArgs{
    			KeyId: "alias/my-key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = kms.LookupKey(ctx, &kms.LookupKeyArgs{
    			KeyId: "1234abcd-12ab-34cd-56ef-1234567890ab",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = kms.LookupKey(ctx, &kms.LookupKeyArgs{
    			KeyId: "arn:aws:kms:us-east-1:111122223333:alias/my-key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = kms.LookupKey(ctx, &kms.LookupKeyArgs{
    			KeyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var byAlias = Aws.Kms.GetKey.Invoke(new()
        {
            KeyId = "alias/my-key",
        });
    
        var byId = Aws.Kms.GetKey.Invoke(new()
        {
            KeyId = "1234abcd-12ab-34cd-56ef-1234567890ab",
        });
    
        var byAliasArn = Aws.Kms.GetKey.Invoke(new()
        {
            KeyId = "arn:aws:kms:us-east-1:111122223333:alias/my-key",
        });
    
        var byKeyArn = Aws.Kms.GetKey.Invoke(new()
        {
            KeyId = "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.kms.KmsFunctions;
    import com.pulumi.aws.kms.inputs.GetKeyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var byAlias = KmsFunctions.getKey(GetKeyArgs.builder()
                .keyId("alias/my-key")
                .build());
    
            final var byId = KmsFunctions.getKey(GetKeyArgs.builder()
                .keyId("1234abcd-12ab-34cd-56ef-1234567890ab")
                .build());
    
            final var byAliasArn = KmsFunctions.getKey(GetKeyArgs.builder()
                .keyId("arn:aws:kms:us-east-1:111122223333:alias/my-key")
                .build());
    
            final var byKeyArn = KmsFunctions.getKey(GetKeyArgs.builder()
                .keyId("arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab")
                .build());
    
        }
    }
    
    variables:
      byAlias:
        fn::invoke:
          Function: aws:kms:getKey
          Arguments:
            keyId: alias/my-key
      byId:
        fn::invoke:
          Function: aws:kms:getKey
          Arguments:
            keyId: 1234abcd-12ab-34cd-56ef-1234567890ab
      byAliasArn:
        fn::invoke:
          Function: aws:kms:getKey
          Arguments:
            keyId: arn:aws:kms:us-east-1:111122223333:alias/my-key
      byKeyArn:
        fn::invoke:
          Function: aws:kms:getKey
          Arguments:
            keyId: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    

    Using getKey

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getKey(args: GetKeyArgs, opts?: InvokeOptions): Promise<GetKeyResult>
    function getKeyOutput(args: GetKeyOutputArgs, opts?: InvokeOptions): Output<GetKeyResult>
    def get_key(grant_tokens: Optional[Sequence[str]] = None,
                key_id: Optional[str] = None,
                opts: Optional[InvokeOptions] = None) -> GetKeyResult
    def get_key_output(grant_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                key_id: Optional[pulumi.Input[str]] = None,
                opts: Optional[InvokeOptions] = None) -> Output[GetKeyResult]
    func LookupKey(ctx *Context, args *LookupKeyArgs, opts ...InvokeOption) (*LookupKeyResult, error)
    func LookupKeyOutput(ctx *Context, args *LookupKeyOutputArgs, opts ...InvokeOption) LookupKeyResultOutput

    > Note: This function is named LookupKey in the Go SDK.

    public static class GetKey 
    {
        public static Task<GetKeyResult> InvokeAsync(GetKeyArgs args, InvokeOptions? opts = null)
        public static Output<GetKeyResult> Invoke(GetKeyInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetKeyResult> getKey(GetKeyArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:kms/getKey:getKey
      arguments:
        # arguments dictionary

    The following arguments are supported:

    KeyId string
    Key identifier which can be one of the following format:

    • Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab
    • Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    • Alias name. E.g.: alias/my-key
    • Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key
    GrantTokens List<string>
    List of grant tokens
    KeyId string
    Key identifier which can be one of the following format:

    • Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab
    • Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    • Alias name. E.g.: alias/my-key
    • Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key
    GrantTokens []string
    List of grant tokens
    keyId String
    Key identifier which can be one of the following format:

    • Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab
    • Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    • Alias name. E.g.: alias/my-key
    • Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key
    grantTokens List<String>
    List of grant tokens
    keyId string
    Key identifier which can be one of the following format:

    • Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab
    • Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    • Alias name. E.g.: alias/my-key
    • Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key
    grantTokens string[]
    List of grant tokens
    key_id str
    Key identifier which can be one of the following format:

    • Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab
    • Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    • Alias name. E.g.: alias/my-key
    • Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key
    grant_tokens Sequence[str]
    List of grant tokens
    keyId String
    Key identifier which can be one of the following format:

    • Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab
    • Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
    • Alias name. E.g.: alias/my-key
    • Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key
    grantTokens List<String>
    List of grant tokens

    getKey Result

    The following output properties are available:

    Arn string
    The key ARN of a primary or replica key of a multi-Region key.
    AwsAccountId string
    The twelve-digit account ID of the AWS account that owns the key
    CloudHsmClusterId string
    The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.
    CreationDate string
    The date and time when the key was created
    CustomKeyStoreId string
    A unique identifier for the custom key store that contains the KMS key.
    CustomerMasterKeySpec string
    Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports
    DeletionDate string
    The date and time after which AWS KMS deletes the key. This value is present only when key_state is PendingDeletion, otherwise this value is 0
    Description string
    The description of the key.
    Enabled bool
    Specifies whether the key is enabled. When key_state is Enabled this value is true, otherwise it is false
    ExpirationModel string
    Specifies whether the Key's key material expires. This value is present only when origin is EXTERNAL, otherwise this value is empty
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyId string
    KeyManager string
    The key's manager
    KeySpec string
    Describes the type of key material in the KMS key.
    KeyState string
    The state of the key
    KeyUsage string
    Specifies the intended use of the key
    MultiRegion bool
    Indicates whether the KMS key is a multi-Region (true) or regional (false) key.
    MultiRegionConfigurations List<GetKeyMultiRegionConfiguration>
    Lists the primary and replica keys in same multi-Region key. Present only when the value of multi_region is true.
    Origin string
    When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material
    PendingDeletionWindowInDays int
    The waiting period before the primary key in a multi-Region key is deleted.
    ValidTo string
    The time at which the imported key material expires. This value is present only when origin is EXTERNAL and whose expiration_model is KEY_MATERIAL_EXPIRES, otherwise this value is 0
    XksKeyConfigurations List<GetKeyXksKeyConfiguration>
    Information about the external key that is associated with a KMS key in an external key store.
    GrantTokens List<string>
    Arn string
    The key ARN of a primary or replica key of a multi-Region key.
    AwsAccountId string
    The twelve-digit account ID of the AWS account that owns the key
    CloudHsmClusterId string
    The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.
    CreationDate string
    The date and time when the key was created
    CustomKeyStoreId string
    A unique identifier for the custom key store that contains the KMS key.
    CustomerMasterKeySpec string
    Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports
    DeletionDate string
    The date and time after which AWS KMS deletes the key. This value is present only when key_state is PendingDeletion, otherwise this value is 0
    Description string
    The description of the key.
    Enabled bool
    Specifies whether the key is enabled. When key_state is Enabled this value is true, otherwise it is false
    ExpirationModel string
    Specifies whether the Key's key material expires. This value is present only when origin is EXTERNAL, otherwise this value is empty
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyId string
    KeyManager string
    The key's manager
    KeySpec string
    Describes the type of key material in the KMS key.
    KeyState string
    The state of the key
    KeyUsage string
    Specifies the intended use of the key
    MultiRegion bool
    Indicates whether the KMS key is a multi-Region (true) or regional (false) key.
    MultiRegionConfigurations []GetKeyMultiRegionConfiguration
    Lists the primary and replica keys in same multi-Region key. Present only when the value of multi_region is true.
    Origin string
    When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material
    PendingDeletionWindowInDays int
    The waiting period before the primary key in a multi-Region key is deleted.
    ValidTo string
    The time at which the imported key material expires. This value is present only when origin is EXTERNAL and whose expiration_model is KEY_MATERIAL_EXPIRES, otherwise this value is 0
    XksKeyConfigurations []GetKeyXksKeyConfiguration
    Information about the external key that is associated with a KMS key in an external key store.
    GrantTokens []string
    arn String
    The key ARN of a primary or replica key of a multi-Region key.
    awsAccountId String
    The twelve-digit account ID of the AWS account that owns the key
    cloudHsmClusterId String
    The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.
    creationDate String
    The date and time when the key was created
    customKeyStoreId String
    A unique identifier for the custom key store that contains the KMS key.
    customerMasterKeySpec String
    Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports
    deletionDate String
    The date and time after which AWS KMS deletes the key. This value is present only when key_state is PendingDeletion, otherwise this value is 0
    description String
    The description of the key.
    enabled Boolean
    Specifies whether the key is enabled. When key_state is Enabled this value is true, otherwise it is false
    expirationModel String
    Specifies whether the Key's key material expires. This value is present only when origin is EXTERNAL, otherwise this value is empty
    id String
    The provider-assigned unique ID for this managed resource.
    keyId String
    keyManager String
    The key's manager
    keySpec String
    Describes the type of key material in the KMS key.
    keyState String
    The state of the key
    keyUsage String
    Specifies the intended use of the key
    multiRegion Boolean
    Indicates whether the KMS key is a multi-Region (true) or regional (false) key.
    multiRegionConfigurations List<GetKeyMultiRegionConfiguration>
    Lists the primary and replica keys in same multi-Region key. Present only when the value of multi_region is true.
    origin String
    When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material
    pendingDeletionWindowInDays Integer
    The waiting period before the primary key in a multi-Region key is deleted.
    validTo String
    The time at which the imported key material expires. This value is present only when origin is EXTERNAL and whose expiration_model is KEY_MATERIAL_EXPIRES, otherwise this value is 0
    xksKeyConfigurations List<GetKeyXksKeyConfiguration>
    Information about the external key that is associated with a KMS key in an external key store.
    grantTokens List<String>
    arn string
    The key ARN of a primary or replica key of a multi-Region key.
    awsAccountId string
    The twelve-digit account ID of the AWS account that owns the key
    cloudHsmClusterId string
    The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.
    creationDate string
    The date and time when the key was created
    customKeyStoreId string
    A unique identifier for the custom key store that contains the KMS key.
    customerMasterKeySpec string
    Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports
    deletionDate string
    The date and time after which AWS KMS deletes the key. This value is present only when key_state is PendingDeletion, otherwise this value is 0
    description string
    The description of the key.
    enabled boolean
    Specifies whether the key is enabled. When key_state is Enabled this value is true, otherwise it is false
    expirationModel string
    Specifies whether the Key's key material expires. This value is present only when origin is EXTERNAL, otherwise this value is empty
    id string
    The provider-assigned unique ID for this managed resource.
    keyId string
    keyManager string
    The key's manager
    keySpec string
    Describes the type of key material in the KMS key.
    keyState string
    The state of the key
    keyUsage string
    Specifies the intended use of the key
    multiRegion boolean
    Indicates whether the KMS key is a multi-Region (true) or regional (false) key.
    multiRegionConfigurations GetKeyMultiRegionConfiguration[]
    Lists the primary and replica keys in same multi-Region key. Present only when the value of multi_region is true.
    origin string
    When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material
    pendingDeletionWindowInDays number
    The waiting period before the primary key in a multi-Region key is deleted.
    validTo string
    The time at which the imported key material expires. This value is present only when origin is EXTERNAL and whose expiration_model is KEY_MATERIAL_EXPIRES, otherwise this value is 0
    xksKeyConfigurations GetKeyXksKeyConfiguration[]
    Information about the external key that is associated with a KMS key in an external key store.
    grantTokens string[]
    arn str
    The key ARN of a primary or replica key of a multi-Region key.
    aws_account_id str
    The twelve-digit account ID of the AWS account that owns the key
    cloud_hsm_cluster_id str
    The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.
    creation_date str
    The date and time when the key was created
    custom_key_store_id str
    A unique identifier for the custom key store that contains the KMS key.
    customer_master_key_spec str
    Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports
    deletion_date str
    The date and time after which AWS KMS deletes the key. This value is present only when key_state is PendingDeletion, otherwise this value is 0
    description str
    The description of the key.
    enabled bool
    Specifies whether the key is enabled. When key_state is Enabled this value is true, otherwise it is false
    expiration_model str
    Specifies whether the Key's key material expires. This value is present only when origin is EXTERNAL, otherwise this value is empty
    id str
    The provider-assigned unique ID for this managed resource.
    key_id str
    key_manager str
    The key's manager
    key_spec str
    Describes the type of key material in the KMS key.
    key_state str
    The state of the key
    key_usage str
    Specifies the intended use of the key
    multi_region bool
    Indicates whether the KMS key is a multi-Region (true) or regional (false) key.
    multi_region_configurations Sequence[GetKeyMultiRegionConfiguration]
    Lists the primary and replica keys in same multi-Region key. Present only when the value of multi_region is true.
    origin str
    When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material
    pending_deletion_window_in_days int
    The waiting period before the primary key in a multi-Region key is deleted.
    valid_to str
    The time at which the imported key material expires. This value is present only when origin is EXTERNAL and whose expiration_model is KEY_MATERIAL_EXPIRES, otherwise this value is 0
    xks_key_configurations Sequence[GetKeyXksKeyConfiguration]
    Information about the external key that is associated with a KMS key in an external key store.
    grant_tokens Sequence[str]
    arn String
    The key ARN of a primary or replica key of a multi-Region key.
    awsAccountId String
    The twelve-digit account ID of the AWS account that owns the key
    cloudHsmClusterId String
    The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.
    creationDate String
    The date and time when the key was created
    customKeyStoreId String
    A unique identifier for the custom key store that contains the KMS key.
    customerMasterKeySpec String
    Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports
    deletionDate String
    The date and time after which AWS KMS deletes the key. This value is present only when key_state is PendingDeletion, otherwise this value is 0
    description String
    The description of the key.
    enabled Boolean
    Specifies whether the key is enabled. When key_state is Enabled this value is true, otherwise it is false
    expirationModel String
    Specifies whether the Key's key material expires. This value is present only when origin is EXTERNAL, otherwise this value is empty
    id String
    The provider-assigned unique ID for this managed resource.
    keyId String
    keyManager String
    The key's manager
    keySpec String
    Describes the type of key material in the KMS key.
    keyState String
    The state of the key
    keyUsage String
    Specifies the intended use of the key
    multiRegion Boolean
    Indicates whether the KMS key is a multi-Region (true) or regional (false) key.
    multiRegionConfigurations List<Property Map>
    Lists the primary and replica keys in same multi-Region key. Present only when the value of multi_region is true.
    origin String
    When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material
    pendingDeletionWindowInDays Number
    The waiting period before the primary key in a multi-Region key is deleted.
    validTo String
    The time at which the imported key material expires. This value is present only when origin is EXTERNAL and whose expiration_model is KEY_MATERIAL_EXPIRES, otherwise this value is 0
    xksKeyConfigurations List<Property Map>
    Information about the external key that is associated with a KMS key in an external key store.
    grantTokens List<String>

    Supporting Types

    GetKeyMultiRegionConfiguration

    MultiRegionKeyType string
    Indicates whether the KMS key is a PRIMARY or REPLICA key.
    PrimaryKeys List<GetKeyMultiRegionConfigurationPrimaryKey>
    The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.
    ReplicaKeys List<GetKeyMultiRegionConfigurationReplicaKey>
    The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.
    MultiRegionKeyType string
    Indicates whether the KMS key is a PRIMARY or REPLICA key.
    PrimaryKeys []GetKeyMultiRegionConfigurationPrimaryKey
    The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.
    ReplicaKeys []GetKeyMultiRegionConfigurationReplicaKey
    The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.
    multiRegionKeyType String
    Indicates whether the KMS key is a PRIMARY or REPLICA key.
    primaryKeys List<GetKeyMultiRegionConfigurationPrimaryKey>
    The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.
    replicaKeys List<GetKeyMultiRegionConfigurationReplicaKey>
    The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.
    multiRegionKeyType string
    Indicates whether the KMS key is a PRIMARY or REPLICA key.
    primaryKeys GetKeyMultiRegionConfigurationPrimaryKey[]
    The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.
    replicaKeys GetKeyMultiRegionConfigurationReplicaKey[]
    The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.
    multi_region_key_type str
    Indicates whether the KMS key is a PRIMARY or REPLICA key.
    primary_keys Sequence[GetKeyMultiRegionConfigurationPrimaryKey]
    The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.
    replica_keys Sequence[GetKeyMultiRegionConfigurationReplicaKey]
    The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.
    multiRegionKeyType String
    Indicates whether the KMS key is a PRIMARY or REPLICA key.
    primaryKeys List<Property Map>
    The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.
    replicaKeys List<Property Map>
    The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.

    GetKeyMultiRegionConfigurationPrimaryKey

    Arn string
    The key ARN of a primary or replica key of a multi-Region key.
    Region string
    The AWS Region of a primary or replica key in a multi-Region key.
    Arn string
    The key ARN of a primary or replica key of a multi-Region key.
    Region string
    The AWS Region of a primary or replica key in a multi-Region key.
    arn String
    The key ARN of a primary or replica key of a multi-Region key.
    region String
    The AWS Region of a primary or replica key in a multi-Region key.
    arn string
    The key ARN of a primary or replica key of a multi-Region key.
    region string
    The AWS Region of a primary or replica key in a multi-Region key.
    arn str
    The key ARN of a primary or replica key of a multi-Region key.
    region str
    The AWS Region of a primary or replica key in a multi-Region key.
    arn String
    The key ARN of a primary or replica key of a multi-Region key.
    region String
    The AWS Region of a primary or replica key in a multi-Region key.

    GetKeyMultiRegionConfigurationReplicaKey

    Arn string
    The key ARN of a primary or replica key of a multi-Region key.
    Region string
    The AWS Region of a primary or replica key in a multi-Region key.
    Arn string
    The key ARN of a primary or replica key of a multi-Region key.
    Region string
    The AWS Region of a primary or replica key in a multi-Region key.
    arn String
    The key ARN of a primary or replica key of a multi-Region key.
    region String
    The AWS Region of a primary or replica key in a multi-Region key.
    arn string
    The key ARN of a primary or replica key of a multi-Region key.
    region string
    The AWS Region of a primary or replica key in a multi-Region key.
    arn str
    The key ARN of a primary or replica key of a multi-Region key.
    region str
    The AWS Region of a primary or replica key in a multi-Region key.
    arn String
    The key ARN of a primary or replica key of a multi-Region key.
    region String
    The AWS Region of a primary or replica key in a multi-Region key.

    GetKeyXksKeyConfiguration

    Id string
    The globally unique identifier for the key
    Id string
    The globally unique identifier for the key
    id String
    The globally unique identifier for the key
    id string
    The globally unique identifier for the key
    id str
    The globally unique identifier for the key
    id String
    The globally unique identifier for the key

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi