- AWS Code Sample demonstrates how to get the key policy for a customer master key (CMK).

package aws.example.kms; import; import; import; import; public class GetKeyPolicy { public static void main(String[] args) { final String USAGE = "To run this example, supply a key id or ARN\n" + "Usage: GetKeyPolicy <key-id>\n" + "Example: GetKeyPolicy 1234abcd-12ab-34cd-56ef-1234567890ab\n"; if (args.length != 1) { System.out.println(USAGE); System.exit(1); } String keyId = args[0]; AWSKMS kmsClient = AWSKMSClientBuilder.standard().build(); // Get the policy for a CMK String policyName = "default"; GetKeyPolicyRequest req = new GetKeyPolicyRequest().withKeyId(keyId).withPolicyName(policyName); GetKeyPolicyResult result = kmsClient.getKeyPolicy(req); System.out.printf("Found key policy for %s:%n%s%n", keyId, result.getPolicy()); } }

Sample Details

Service: kms

Last tested: 2019-04-08

Author: AWS

Type: full-example