AwsKmsKeyDetails
Contains metadata about an Amazon KMS key.
Contents
- AWSAccountId
-
The twelve-digit account ID of the Amazon Web Services account that owns the KMS key.
Type: String
Pattern:
.*\S.*Required: No
- CreationDate
-
Indicates when the KMS key was created.
Uses the
date-timeformat specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example,2020-03-22T13:22:13.933Z.Type: Double
Required: No
- Description
-
A description of the KMS key.
Type: String
Pattern:
.*\S.*Required: No
- KeyId
-
The globally unique identifier for the KMS key.
Type: String
Pattern:
.*\S.*Required: No
- KeyManager
-
The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or Amazon managed.
Type: String
Pattern:
.*\S.*Required: No
- KeyRotationStatus
-
Whether the key has key rotation enabled.
Type: Boolean
Required: No
- KeyState
-
The state of the KMS key. Valid values are as follows:
-
Disabled -
Enabled -
PendingDeletion -
PendingImport -
Unavailable
Type: String
Pattern:
.*\S.*Required: No
-
- Origin
-
The source of the KMS key material.
When this value is
AWS_KMS, Amazon KMS created the key material.When this value is
EXTERNAL, the key material was imported from your existing key management infrastructure or the KMS key lacks key material.When this value is
AWS_CLOUDHSM, the key material was created in the Amazon CloudHSM cluster associated with a custom key store.Type: String
Pattern:
.*\S.*Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: