IKey¶
-
class
aws_cdk.aws_kms.IKey(*args, **kwargs)¶ Bases:
aws_cdk.core.IResource,typing_extensions.ProtocolA KMS Key, either managed by this CDK app, or imported.
-
__init__(*args, **kwargs)¶
Methods
-
add_to_resource_policy(statement, allow_no_op=None)¶ Adds a statement to the KMS key resource policy.
- Parameters
statement (
PolicyStatement) – The policy statement to add.allow_no_op (
Optional[bool]) – If this is set tofalseand there is no policy defined (i.e. external key), the operation will fail. Otherwise, it will no-op.
- Return type
None
-
grant(grantee, *actions)¶ Grant the indicated permissions on this key to the given principal.
- Parameters
grantee (
IGrantable) –actions (
str) –
- Return type
-
grant_decrypt(grantee)¶ Grant decryption permisisons using this key to the given principal.
- Parameters
grantee (
IGrantable) –- Return type
-
grant_encrypt(grantee)¶ Grant encryption permisisons using this key to the given principal.
- Parameters
grantee (
IGrantable) –- Return type
-
grant_encrypt_decrypt(grantee)¶ Grant encryption and decryption permisisons using this key to the given principal.
- Parameters
grantee (
IGrantable) –- Return type
Attributes
-
key_arn¶ The ARN of the key.
attribute: :attribute:: true
- Return type
str
-
key_id¶ 1234abcd-12ab-34cd-56ef-1234567890ab).
attribute: :attribute:: true
- Type
The ID of the key (the part that looks something like
- Return type
str
-
node¶ The construct node in the tree.
- Return type
-