GetInstanceTpmEkPub

Gets the public endorsement key associated with the Nitro Trusted Platform Module (NitroTPM) for the specified instance.

Request Parameters

The following parameters are for this specific action. For more information about required and optional parameters that are common to all actions, see Common Query Parameters.

DryRun

Specify this parameter to verify whether the request will succeed, without actually making the request. If the request will succeed, the response is DryRunOperation. Otherwise, the response is UnauthorizedOperation.

Type: Boolean

Required: No

InstanceId

The ID of the instance for which to get the public endorsement key.

Type: String

Required: Yes

KeyFormat

The required public endorsement key format. Specify der for a DER-encoded public key that is compatible with OpenSSL. Specify tpmt for a TPM 2.0 format that is compatible with tpm2-tools. The returned key is base64 encoded.

Type: String

Valid Values: der | tpmt

Required: Yes

KeyType

The required public endorsement key type.

Type: String

Valid Values: rsa-2048 | ecc-sec-p384

Required: Yes

Response Elements

The following elements are returned by the service.

instanceId

The ID of the instance.

Type: String

keyFormat

The public endorsement key format.

Type: String

Valid Values: der | tpmt

keyType

The public endorsement key type.

Type: String

Valid Values: rsa-2048 | ecc-sec-p384

keyValue

The public endorsement key material.

Type: String

requestId

The ID of the request.

Type: String

Errors

For information about the errors that are common to all actions, see Common client error codes.

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS Command Line Interface

• AWS SDK for .NET

• AWS SDK for C++

• AWS SDK for Go v2

• AWS SDK for Java V2

• AWS SDK for JavaScript V3

• AWS SDK for PHP V3

• AWS SDK for Python

• AWS SDK for Ruby V3