Skip to main content

IKMSKeyMetadata

Interface in AWS.KMS

Interface for KeyMetadata.

Properties

Arn

property Arn: TARN

The Amazon Resource Name (ARN) of the KMS key.

AWSAccountId

property AWSAccountId: string

The twelve-digit account ID of the AWS account that owns the KMS key.

CloudHsmClusterId

property CloudHsmClusterId: string

The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.

CreationDate

property CreationDate: TOptional<TDateTime>

The date and time when the KMS key was created.

CustomerMasterKeySpec

property CustomerMasterKeySpec: string

The KeySpec and CustomerMasterKeySpec fields have the same value.

Deprecated field. Use KeySpec field.

CustomKeyStoreId

property CustomKeyStoreId: string

The unique identifier for the custom key store that contains the KMS key.

DeletionDate

property DeletionDate: TOptional<TDateTime>

The date and time after which AWS KMS will delete this KMS key.

Description

property Description: string

The description of the KMS key.

Enabled

property Enabled: TOptional<Boolean>

Specifies if the KMS key is enabled.

EncryptionAlgorithms

property EncryptionAlgorithms: TList<string>

The encryption algorithms that the KMS key supports.

ExpirationModel

property ExpirationModel: string

Specifies whether the KMS key's material expires.

Valid values: KEY_MATERIAL_EXPIRES | KEY_MATERIAL_DOES_NOT_EXPIRE.

KeyId

property KeyId: string

The globally unique identifier for the KMS key.

KeyManager

property KeyManager: string

The manager of the KMS key.

Valid values: AWS | CUSTOMER.

KeySpec

property KeySpec: string

Describes the type of key material in the KMS key.

Valid values: RSA_2048 | RSA_3072 | RSA_4096 | ECC_NIST_P256 | ECC_NIST_P384 | ECC_NIST_P521 | ECC_SECG_P256K1 | SYMMETRIC_DEFAULT | HMAC_224 | HMAC_256 | HMAC_384 | HMAC_512 | SM2.

KeyState

property KeyState: string

The current state of the KMS key.

Valid values: Creating | Enabled | Disabled | PendingDeletion | PendingImport | PendingReplicaDeletion | Unavailable | Updating.

KeyUsage

property KeyUsage: string

The cryptographic operations for which you can use the KMS key.

Valid values: SIGN_VERIFY | ENCRYPT_DECRYPT | GENERATE_VERIFY_MAC.

MacAlgorithms

property MacAlgorithms: TList<string>

The message authentication code (MAC) algorithm that the HMAC KMS key supports.

MultiRegion

property MultiRegion: TOptional<Boolean>

Indicates whether the KMS key is a mutli-region or regional key.

This value is True for multi-region primary and replica keys and False for regional KMS keys.

MultiRegionConfiguration

property MultiRegionConfiguration: IKMSMultiRegionConfiguration

Type: IKMSMultiRegionConfiguration

Lists the primary and replica keys in the same multi-region key.

This field is only present when the value of MultiRegion is True.

Origin

property Origin: string

The source of the key material for the KMS key.

PendingDeletionWindowInDays

property PendingDeletionWindowInDays: TOptional<Integer>

The waiting period before the primary key in a mutli-region key is deleted.

SigningAlgorithms

property SigningAlgorithms: TList<string>

The signing algorithm that the KMS key supports.

Valid values: RSASSA_PSS_SHA_256 | RSASSA_PSS_SHA_384 | RSASSA_PSS_SHA_512 | RSASSA_PKCS1_V1_5_SHA_256 | RSASSA_PKCS1_V1_5_SHA_384 | RSASSA_PKCS1_V1_5_SHA_512 | ECDSA_SHA_256 | ECDSA_SHA_384 | ECDSA_SHA_512 | SM2DSA.

ValidTo

property ValidTo: TOptional<TDateTime>

The date and time at which the imported key material expires.