DisableKeyRotationCommand | KMS Client - AWS SDK for JavaScript v3

Disables automatic rotation of the key material of the specified symmetric encryption KMS key.

Automatic key rotation is supported only on symmetric encryption KMS keys. You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

You can enable (EnableKeyRotation) and disable automatic rotation of the key material in customer managed KMS keys. Key material rotation of Amazon Web Services managed KMS keys is not configurable. KMS always rotates the key material for every year. Rotation of Amazon Web Services owned KMS keys varies.

In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three years to every year. For details, see EnableKeyRotation.

The KMS key that you use for this operation must be in a compatible key state. For details, see Key states of KMS keys in the Key Management Service Developer Guide.

Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

Required permissions: kms:DisableKeyRotation (key policy)

Related operations:

EnableKeyRotation
GetKeyRotationStatus

example

Use a bare-bones client and the command you need to make an API call.

import { KMSClient, DisableKeyRotationCommand } from "@aws-sdk/client-kms"; // ES Modules import
// const { KMSClient, DisableKeyRotationCommand } = require("@aws-sdk/client-kms"); // CommonJS import
const client = new KMSClient(config);
const command = new DisableKeyRotationCommand(input);
const response = await client.send(command);

see

DisableKeyRotationCommandInput for command's input shape.

see

DisableKeyRotationCommandOutput for command's response shape.

see

config for KMSClient's config shape.

Hierarchy

Command<DisableKeyRotationCommandInput, DisableKeyRotationCommandOutput, KMSClientResolvedConfig>
Command<DisableKeyRotationCommandInput, DisableKeyRotationCommandOutput, KMSClientResolvedConfig>
- DisableKeyRotationCommand

Implements

Command<any, DisableKeyRotationCommandInput, any, DisableKeyRotationCommandOutput, KMSClientResolvedConfig>
Command<any, DisableKeyRotationCommandInput, any, DisableKeyRotationCommandOutput, KMSClientResolvedConfig>

Index

Constructors

constructor

Properties

Methods

getEndpointParameterInstructions

Constructors

constructor

new DisableKeyRotationCommand(input: DisableKeyRotationCommandInput): DisableKeyRotationCommand

- Defined in clients/client-kms/dist-types/commands/DisableKeyRotationCommand.d.ts:62
Parameters
- input: DisableKeyRotationCommandInput
Returns DisableKeyRotationCommand

Properties

Readonly input

input: DisableKeyRotationCommandInput

Readonly middlewareStack

middlewareStack: IMiddlewareStack<DisableKeyRotationCommandInput, DisableKeyRotationCommandOutput>

Methods

Static getEndpointParameterInstructions

getEndpointParameterInstructions(): EndpointParameterInstructions

- Defined in clients/client-kms/dist-types/commands/DisableKeyRotationCommand.d.ts:62
Returns EndpointParameterInstructions

Hierarchy

Implements

Index

Constructors

Properties

Methods

Constructors

constructor

Parameters

input: DisableKeyRotationCommandInput

Returns DisableKeyRotationCommand

Properties

Readonly input

Readonly middlewareStack

Methods

Static getEndpointParameterInstructions

Returns EndpointParameterInstructions