Interface IKey.Jsii$Default
- All Superinterfaces:
IConstruct
,software.constructs.IConstruct
,IConstruct.Jsii$Default
,software.constructs.IConstruct.Jsii$Default
,IDependable
,IDependable.Jsii$Default
,IKey
,IResource
,IResource.Jsii$Default
,software.amazon.jsii.JsiiSerializable
- All Known Subinterfaces:
IAlias.Jsii$Default
- All Known Implementing Classes:
IAlias.Jsii$Proxy
,IKey.Jsii$Proxy
- Enclosing interface:
IKey
IKey
.-
Nested Class Summary
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$Default, IConstruct.Jsii$Proxy
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default, software.constructs.IConstruct.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IDependable
IDependable.Jsii$Default, IDependable.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.kms.IKey
IKey.Jsii$Default, IKey.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource
IResource.Jsii$Default, IResource.Jsii$Proxy
-
Method Summary
Modifier and TypeMethodDescriptiondefault Alias
Defines a new alias for the key.default AddToResourcePolicyResult
addToResourcePolicy
(PolicyStatement statement, Boolean allowNoOp) Adds a statement to the KMS key resource policy.default void
applyRemovalPolicy
(RemovalPolicy policy) Apply the given removal policy to this resource.default ResourceEnvironment
getEnv()
The environment this resource belongs to.default String
The ARN of the key.default String
getKeyId()
The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).default ConstructNode
getNode()
The construct tree node for this construct.default Stack
getStack()
The stack in which this resource is defined.default Grant
grant
(IGrantable grantee, @NotNull String... actions) Grant the indicated permissions on this key to the given principal.default Grant
grantDecrypt
(IGrantable grantee) Grant decryption permissions using this key to the given principal.default Grant
grantEncrypt
(IGrantable grantee) Grant encryption permissions using this key to the given principal.default Grant
grantEncryptDecrypt
(IGrantable grantee) Grant encryption and decryption permissions using this key to the given principal.Methods inherited from interface software.amazon.awscdk.services.kms.IKey
addToResourcePolicy
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getNode
The construct tree node for this construct.- Specified by:
getNode
in interfaceIConstruct
- Specified by:
getNode
in interfaceIConstruct.Jsii$Default
- Specified by:
getNode
in interfaceIResource.Jsii$Default
-
getEnv
The environment this resource belongs to.For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
- Specified by:
getEnv
in interfaceIResource
- Specified by:
getEnv
in interfaceIResource.Jsii$Default
-
getStack
The stack in which this resource is defined.- Specified by:
getStack
in interfaceIResource
- Specified by:
getStack
in interfaceIResource.Jsii$Default
-
getKeyArn
The ARN of the key. -
getKeyId
The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab). -
applyRemovalPolicy
Apply the given removal policy to this resource.The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (
RemovalPolicy.DESTROY
), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN
).- Specified by:
applyRemovalPolicy
in interfaceIResource
- Specified by:
applyRemovalPolicy
in interfaceIResource.Jsii$Default
- Parameters:
policy
- This parameter is required.
-
addAlias
Defines a new alias for the key. -
addToResourcePolicy
@Stability(Stable) @NotNull default AddToResourcePolicyResult addToResourcePolicy(@NotNull PolicyStatement statement, @Nullable Boolean allowNoOp) Adds a statement to the KMS key resource policy.- Specified by:
addToResourcePolicy
in interfaceIKey
- Parameters:
statement
- The policy statement to add. This parameter is required.allowNoOp
- If this is set tofalse
and there is no policy defined (i.e. external key), the operation will fail. Otherwise, it will no-op.
-
grant
@Stability(Stable) @NotNull default Grant grant(@NotNull IGrantable grantee, @NotNull @NotNull String... actions) Grant the indicated permissions on this key to the given principal. -
grantDecrypt
Grant decryption permissions using this key to the given principal.- Specified by:
grantDecrypt
in interfaceIKey
- Parameters:
grantee
- This parameter is required.
-
grantEncrypt
Grant encryption permissions using this key to the given principal.- Specified by:
grantEncrypt
in interfaceIKey
- Parameters:
grantee
- This parameter is required.
-
grantEncryptDecrypt
Grant encryption and decryption permissions using this key to the given principal.- Specified by:
grantEncryptDecrypt
in interfaceIKey
- Parameters:
grantee
- This parameter is required.
-