Class CfnAlias

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
All Implemented Interfaces:
IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.103.1 (build bef2dea)", date="2024-10-11T15:56:00.901Z") @Stability(Stable) public class CfnAlias extends CfnResource implements IInspectable
The AWS::KMS::Alias resource specifies a display name for a KMS key . You can use an alias to identify a KMS key in the AWS KMS console, in the DescribeKey operation, and in cryptographic operations , such as Decrypt and GenerateDataKey .

Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see ABAC for AWS KMS in the AWS Key Management Service Developer Guide .

Using an alias to refer to a KMS key can help you simplify key management. For example, an alias in your code can be associated with different KMS keys in different AWS Regions . For more information, see Using aliases in the AWS Key Management Service Developer Guide .

When specifying an alias, observe the following rules.

  • Each alias is associated with one KMS key, but multiple aliases can be associated with the same KMS key.
  • The alias and its associated KMS key must be in the same AWS account and Region.
  • The alias name must be unique in the AWS account and Region. However, you can create aliases with the same name in different AWS Regions . For example, you can have an alias/projectKey in multiple Regions, each of which is associated with a KMS key in its Region.
  • Each alias name must begin with alias/ followed by a name, such as alias/exampleKey . The alias name can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). Alias names cannot begin with alias/aws/ . That alias name prefix is reserved for AWS managed keys .

Regions

AWS KMS CloudFormation resources are available in all AWS Regions in which AWS KMS and AWS CloudFormation are supported.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.kms.*;
 CfnAlias cfnAlias = CfnAlias.Builder.create(this, "MyCfnAlias")
         .aliasName("aliasName")
         .targetKeyId("targetKeyId")
         .build();
 

See Also:
  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.
  • Constructor Details

    • CfnAlias

      protected CfnAlias(software.amazon.jsii.JsiiObjectRef objRef)
    • CfnAlias

      protected CfnAlias(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • CfnAlias

      @Stability(Stable) public CfnAlias(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnAliasProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.
  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.
    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.
    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource
    • getAliasName

      @Stability(Stable) @NotNull public String getAliasName()
      Specifies the alias name.

      This value must begin with alias/ followed by a name, such as alias/ExampleAlias .

    • setAliasName

      @Stability(Stable) public void setAliasName(@NotNull String value)
      Specifies the alias name.

      This value must begin with alias/ followed by a name, such as alias/ExampleAlias .

    • getTargetKeyId

      @Stability(Stable) @NotNull public String getTargetKeyId()
      Associates the alias with the specified customer managed key . The KMS key must be in the same AWS account and Region.
    • setTargetKeyId

      @Stability(Stable) public void setTargetKeyId(@NotNull String value)
      Associates the alias with the specified customer managed key . The KMS key must be in the same AWS account and Region.