CfnAliasProps

class aws_cdk.aws_kms.CfnAliasProps(*, alias_name, target_key_id)

Bases: object

Properties for defining a CfnAlias.

Parameters:

alias_name (str) – Specifies the alias name. This value must begin with alias/ followed by a name, such as alias/ExampleAlias . .. epigraph:: If you change the value of the AliasName property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with alias/aws/ . The alias/aws/ prefix is reserved for AWS managed keys .
target_key_id (str) – Associates the alias with the specified customer managed key . The KMS key must be in the same AWS account and Region. A valid key ID is required. If you supply a null or empty string value, this operation returns an error. For help finding the key ID and ARN, see Finding the key ID and ARN in the AWS Key Management Service Developer Guide . Specify the key ID or the key ARN of the KMS key. For example: - Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab - Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-alias.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_kms as kms

cfn_alias_props = kms.CfnAliasProps(
    alias_name="aliasName",
    target_key_id="targetKeyId"
)

Attributes

alias_name

Specifies the alias name. This value must begin with alias/ followed by a name, such as alias/ExampleAlias .

If you change the value of the AliasName property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC).

The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with alias/aws/ . The alias/aws/ prefix is reserved for AWS managed keys .

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-alias.html#cfn-kms-alias-aliasname

target_key_id

//docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk>`_ . The KMS key must be in the same AWS account and Region.

A valid key ID is required. If you supply a null or empty string value, this operation returns an error.

For help finding the key ID and ARN, see Finding the key ID and ARN in the AWS Key Management Service Developer Guide .

Specify the key ID or the key ARN of the KMS key.

For example:

Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey .

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-alias.html#cfn-kms-alias-targetkeyid
Type:: Associates the alias with the specified `customer managed key <https