AWS SDK Version 2 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

.NET Framework 4.5
Encrypts data on the server side with a new customer master key without exposing the plaintext of the data on the client side. The data is first decrypted and then encrypted. This operation can also be used to change the encryption context of a ciphertext.

Unlike other actions, ReEncrypt is authorized twice - once as ReEncryptFrom on the source key and once as ReEncryptTo on the destination key. We therefore recommend that you include the "action":"kms:ReEncrypt*" statement in your key policies to permit re-encryption from or to the key. The statement is included automatically when you authorize use of the key through the console but must be included manually when you set a policy by using the PutKeyPolicy function.

Namespace: Amazon.KeyManagementService
Assembly: AWSSDK.dll
Version: (assembly version)


public abstract ReEncryptResponse ReEncrypt(
         ReEncryptRequest request


Type: Amazon.KeyManagementService.Model.ReEncryptRequest

Container for the necessary parameters to execute the ReEncrypt service method.

Return Value
Type: Amazon.KeyManagementService.Model.ReEncryptResponse
The response from the ReEncrypt service method, as returned by KeyManagementService.


DependencyTimeoutException The system timed out while trying to fulfill the request. The request can be retried.
DisabledException The request was rejected because the specified key was marked as disabled.
InvalidCiphertextException The request was rejected because the specified ciphertext has been corrupted or is otherwise invalid.
InvalidGrantTokenException The request was rejected because a grant token provided as part of the request is invalid.
InvalidKeyUsageException The request was rejected because the specified KeySpec parameter is not valid. The currently supported value is ENCRYPT/DECRYPT.
KeyUnavailableException The request was rejected because the key was not available. The request can be retried.
KMSInternalException The request was rejected because an internal exception occurred. The request can be retried.
KMSInvalidStateException The request was rejected because the state of the specified resource is not valid for this request. For more information about how key state affects the use of a customer master key (CMK), go to How Key State Affects the Use of a Customer Master Key in the AWS Key Management Service Developer Guide.
NotFoundException The request was rejected because the specified entity or resource could not be found.

Version Information

.NET Framework:
Supported in: 4.5, 4.0, 3.5