Menu
AWS Key Management Service
API Reference (API Version 2014-11-01)

GrantListEntry

Contains information about an entry in a list of grants.

Contents

Note

In the following list, the required parameters are described first.

Constraints

A list of key-value pairs that must be present in the encryption context of certain subsequent operations that the grant allows.

Type: GrantConstraints object

Required: No

CreationDate

The date and time when the grant was created.

Type: Timestamp

Required: No

GranteePrincipal

The principal that receives the grant's permissions.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Required: No

GrantId

The unique identifier for the grant.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: No

IssuingAccount

The AWS account under which the grant was issued.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Required: No

KeyId

The unique identifier for the customer master key (CMK) to which the grant applies.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: No

Name

The friendly name that identifies the grant. If a name was provided in the CreateGrant request, that name is returned. Otherwise this value is null.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Pattern: ^[a-zA-Z0-9:/_-]+$

Required: No

Operations

The list of operations permitted by the grant.

Type: Array of strings

Valid Values: Decrypt | Encrypt | GenerateDataKey | GenerateDataKeyWithoutPlaintext | ReEncryptFrom | ReEncryptTo | CreateGrant | RetireGrant | DescribeKey

Required: No

RetiringPrincipal

The principal that can retire the grant.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

On this page: