Interface IKey
A KMS Key, either managed by this CDK app, or imported.
Namespace: Amazon.CDK.AWS.KMS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IKey : IResource
Syntax (vb)
Public Interface IKey
Inherits IResource, IConstruct, IDependable
Synopsis
Properties
KeyArn | The ARN of the key. |
KeyId | The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab). |
Methods
AddAlias(String) | Defines a new alias for the key. |
AddToResourcePolicy(PolicyStatement, Nullable<Boolean>) | Adds a statement to the KMS key resource policy. |
Grant(IGrantable, String[]) | Grant the indicated permissions on this key to the given principal. |
GrantDecrypt(IGrantable) | Grant decryption permissions using this key to the given principal. |
GrantEncrypt(IGrantable) | Grant encryption permissions using this key to the given principal. |
GrantEncryptDecrypt(IGrantable) | Grant encryption and decryption permissions using this key to the given principal. |
GrantGenerateMac(IGrantable) | Grant permissions to generating MACs to the given principal. |
GrantVerifyMac(IGrantable) | Grant permissions to verifying MACs to the given principal. |
Properties
KeyArn
The ARN of the key.
string KeyArn { get; }
Property Value
System.String
Remarks
Attribute: true
KeyId
The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).
string KeyId { get; }
Property Value
System.String
Remarks
Attribute: true
Methods
AddAlias(String)
Defines a new alias for the key.
Alias AddAlias(string alias)
Parameters
- alias System.String
Returns
AddToResourcePolicy(PolicyStatement, Nullable<Boolean>)
Adds a statement to the KMS key resource policy.
IAddToResourcePolicyResult AddToResourcePolicy(PolicyStatement statement, Nullable<bool> allowNoOp = null)
Parameters
- statement PolicyStatement
The policy statement to add.
- allowNoOp System.Nullable<System.Boolean>
If this is set to
false
and there is no policy defined (i.e. external key), the operation will fail. Otherwise, it will no-op.
Returns
Grant(IGrantable, String[])
Grant the indicated permissions on this key to the given principal.
Grant Grant(IGrantable grantee, params string[] actions)
Parameters
- grantee IGrantable
- actions System.String[]
Returns
GrantDecrypt(IGrantable)
Grant decryption permissions using this key to the given principal.
Grant GrantDecrypt(IGrantable grantee)
Parameters
- grantee IGrantable
Returns
GrantEncrypt(IGrantable)
Grant encryption permissions using this key to the given principal.
Grant GrantEncrypt(IGrantable grantee)
Parameters
- grantee IGrantable
Returns
GrantEncryptDecrypt(IGrantable)
Grant encryption and decryption permissions using this key to the given principal.
Grant GrantEncryptDecrypt(IGrantable grantee)
Parameters
- grantee IGrantable
Returns
GrantGenerateMac(IGrantable)
Grant permissions to generating MACs to the given principal.
Grant GrantGenerateMac(IGrantable grantee)
Parameters
- grantee IGrantable
Returns
GrantVerifyMac(IGrantable)
Grant permissions to verifying MACs to the given principal.
Grant GrantVerifyMac(IGrantable grantee)
Parameters
- grantee IGrantable
Returns