interface CfnKeyProps

Language	Type name
.NET	Amazon.CDK.aws_paymentcryptography.CfnKeyProps
Go	github.com/aws/aws-cdk-go/awscdk/v2/awspaymentcryptography#CfnKeyProps
Java	software.amazon.awscdk.services.paymentcryptography.CfnKeyProps
Python	aws_cdk.aws_paymentcryptography.CfnKeyProps
TypeScript	aws-cdk-lib » aws_paymentcryptography » CfnKeyProps

Properties for defining a CfnKey.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-paymentcryptography-key.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_paymentcryptography as paymentcryptography } from 'aws-cdk-lib';
const cfnKeyProps: paymentcryptography.CfnKeyProps = {
  exportable: false,
  keyAttributes: {
    keyAlgorithm: 'keyAlgorithm',
    keyClass: 'keyClass',
    keyModesOfUse: {
      decrypt: false,
      deriveKey: false,
      encrypt: false,
      generate: false,
      noRestrictions: false,
      sign: false,
      unwrap: false,
      verify: false,
      wrap: false,
    },
    keyUsage: 'keyUsage',
  },

  // the properties below are optional
  enabled: false,
  keyCheckValueAlgorithm: 'keyCheckValueAlgorithm',
  tags: [{
    key: 'key',
    value: 'value',
  }],
};

Properties

Name	Type	Description
exportable	boolean | IResolvable	Specifies whether the key is exportable.
keyAttributes	IResolvable | KeyAttributesProperty	The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.
enabled?	boolean | IResolvable	Specifies whether the key is enabled.
keyCheckValueAlgorithm?	string	The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).
tags?	CfnTag[]

---

exportable

Type: boolean | IResolvable

Specifies whether the key is exportable.

This data is immutable after the key is created.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-paymentcryptography-key.html#cfn-paymentcryptography-key-exportable

---

keyAttributes

Type: IResolvable | KeyAttributesProperty

The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.

This data is immutable after the key is created.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-paymentcryptography-key.html#cfn-paymentcryptography-key-keyattributes

---

enabled?

Type: boolean | IResolvable (optional)

Specifies whether the key is enabled.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-paymentcryptography-key.html#cfn-paymentcryptography-key-enabled

---

keyCheckValueAlgorithm?

Type: string (optional)

The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).

It is used to validate the key integrity.

For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-paymentcryptography-key.html#cfn-paymentcryptography-key-keycheckvaluealgorithm

---

tags?

Type: CfnTag[] (optional)

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-paymentcryptography-key.html#cfn-paymentcryptography-key-tags