Interface IKey
A KMS Key, either managed by this CDK app, or imported.
Namespace: Amazon.CDK.AWS.KMS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IKey : IResourceSyntax (vb)
Public Interface IKey
Inherits IResource, IConstruct, IDependableSynopsis
Properties
| KeyArn | The ARN of the key. |
| KeyId | The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab). |
Methods
| AddAlias(String) | Defines a new alias for the key. |
| AddToResourcePolicy(PolicyStatement, Nullable<Boolean>) | Adds a statement to the KMS key resource policy. |
| Grant(IGrantable, String[]) | Grant the indicated permissions on this key to the given principal. |
| GrantDecrypt(IGrantable) | Grant decryption permissions using this key to the given principal. |
| GrantEncrypt(IGrantable) | Grant encryption permissions using this key to the given principal. |
| GrantEncryptDecrypt(IGrantable) | Grant encryption and decryption permissions using this key to the given principal. |
| GrantGenerateMac(IGrantable) | Grant permissions to generating MACs to the given principal. |
| GrantVerifyMac(IGrantable) | Grant permissions to verifying MACs to the given principal. |
Properties
KeyArn
The ARN of the key.
string KeyArn { get; }Property Value
System.String
Remarks
Attribute: true
KeyId
The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).
string KeyId { get; }Property Value
System.String
Remarks
Attribute: true
Methods
AddAlias(String)
Defines a new alias for the key.
Alias AddAlias(string alias)Parameters
- alias System.String
Returns
AddToResourcePolicy(PolicyStatement, Nullable<Boolean>)
Adds a statement to the KMS key resource policy.
IAddToResourcePolicyResult AddToResourcePolicy(PolicyStatement statement, Nullable<bool> allowNoOp = null)Parameters
- statement PolicyStatement
The policy statement to add.
- allowNoOp System.Nullable<System.Boolean>
If this is set to
falseand there is no policy defined (i.e. external key), the operation will fail. Otherwise, it will no-op.
Returns
Grant(IGrantable, String[])
Grant the indicated permissions on this key to the given principal.
Grant Grant(IGrantable grantee, params string[] actions)Parameters
- grantee IGrantable
- actions System.String[]
Returns
GrantDecrypt(IGrantable)
Grant decryption permissions using this key to the given principal.
Grant GrantDecrypt(IGrantable grantee)Parameters
- grantee IGrantable
Returns
GrantEncrypt(IGrantable)
Grant encryption permissions using this key to the given principal.
Grant GrantEncrypt(IGrantable grantee)Parameters
- grantee IGrantable
Returns
GrantEncryptDecrypt(IGrantable)
Grant encryption and decryption permissions using this key to the given principal.
Grant GrantEncryptDecrypt(IGrantable grantee)Parameters
- grantee IGrantable
Returns
GrantGenerateMac(IGrantable)
Grant permissions to generating MACs to the given principal.
Grant GrantGenerateMac(IGrantable grantee)Parameters
- grantee IGrantable
Returns
GrantVerifyMac(IGrantable)
Grant permissions to verifying MACs to the given principal.
Grant GrantVerifyMac(IGrantable grantee)Parameters
- grantee IGrantable
Returns