Class CfnKey
Creates an AWS Payment Cryptography key, a logical representation of a cryptographic key, that is unique in your account and AWS Region .
Inherited Members
Namespace: Amazon.CDK.AwsPaymentcryptography
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnKey : CfnResource, IInspectable, ITaggableV2
Syntax (vb)
Public Class CfnKey
Inherits CfnResource
Implements IInspectable, ITaggableV2
Remarks
You use keys for cryptographic functions such as encryption and decryption.
In addition to the key material used in cryptographic operations, an AWS Payment Cryptography key includes metadata such as the key ARN, key usage, key origin, creation date, description, and key state.
When you create a key, you specify both immutable and mutable data about the key. The immutable data contains key attributes that define the scope and cryptographic operations that you can perform using the key, for example key class (example: SYMMETRIC_KEY
), key algorithm (example: TDES_2KEY
), key usage (example: TR31_P0_PIN_ENCRYPTION_KEY
) and key modes of use (example: Encrypt
). For information about valid combinations of key attributes, see Understanding key attributes in the AWS Payment Cryptography User Guide . The mutable data contained within a key includes usage timestamp and key deletion timestamp and can be modified after creation.
AWS Payment Cryptography binds key attributes to keys using key blocks when you store or export them. AWS Payment Cryptography stores the key contents wrapped and never stores or transmits them in the clear.
Cross-account use : This operation can't be used across different AWS accounts.
Related operations:
CloudformationResource: AWS::PaymentCryptography::Key
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.Aws_paymentcryptography;
var cfnKey = new CfnKey(this, "MyCfnKey", new CfnKeyProps {
Exportable = false,
KeyAttributes = new KeyAttributesProperty {
KeyAlgorithm = "keyAlgorithm",
KeyClass = "keyClass",
KeyModesOfUse = new KeyModesOfUseProperty {
Decrypt = false,
DeriveKey = false,
Encrypt = false,
Generate = false,
NoRestrictions = false,
Sign = false,
Unwrap = false,
Verify = false,
Wrap = false
},
KeyUsage = "keyUsage"
},
// the properties below are optional
Enabled = false,
KeyCheckValueAlgorithm = "keyCheckValueAlgorithm",
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
});
Synopsis
Constructors
CfnKey(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnKey(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
CfnKey(Construct, String, ICfnKeyProps) |
Properties
AttrKeyIdentifier | |
AttrKeyOrigin | The source of the key material. |
AttrKeyState | The state of key that is being created or deleted. |
CdkTagManager | Tag Manager which manages the tags for this resource. |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
Enabled | Specifies whether the key is enabled. |
Exportable | Specifies whether the key is exportable. |
KeyAttributes | The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. |
KeyCheckValueAlgorithm | The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). |
Tags |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnKey(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnKey(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnKey(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnKey(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
CfnKey(Construct, String, ICfnKeyProps)
public CfnKey(Construct scope, string id, ICfnKeyProps props)
Parameters
- scope Constructs.Construct
Scope in which this resource is defined.
- id System.String
Construct identifier for this resource (unique in its scope).
- props ICfnKeyProps
Resource properties.
Properties
AttrKeyIdentifier
public virtual string AttrKeyIdentifier { get; }
Property Value
System.String
Remarks
CloudformationAttribute: KeyIdentifier
AttrKeyOrigin
The source of the key material.
public virtual string AttrKeyOrigin { get; }
Property Value
System.String
Remarks
For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY
. For keys imported into AWS Payment Cryptography, the value is EXTERNAL
.
CloudformationAttribute: KeyOrigin
AttrKeyState
The state of key that is being created or deleted.
public virtual string AttrKeyState { get; }
Property Value
System.String
Remarks
CloudformationAttribute: KeyState
CdkTagManager
Tag Manager which manages the tags for this resource.
public virtual TagManager CdkTagManager { get; }
Property Value
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
Enabled
Specifies whether the key is enabled.
public virtual object Enabled { get; set; }
Property Value
System.Object
Exportable
Specifies whether the key is exportable.
public virtual object Exportable { get; set; }
Property Value
System.Object
KeyAttributes
The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.
public virtual object KeyAttributes { get; set; }
Property Value
System.Object
KeyCheckValueAlgorithm
The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).
public virtual string KeyCheckValueAlgorithm { get; set; }
Property Value
System.String
Tags
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>