Data retrieval APIs for AWS Key Management Service

AWS Key Management Service provides the following APIs for data retrieval.

Actions	Description	Access level
DescribeCustomKeyStores	Controls permission to view detailed information about custom key stores in the account and region	Read
DescribeKey	Controls permission to view detailed information about an AWS KMS key	Read
GetKeyPolicy	Controls permission to view the key policy for the specified AWS KMS key	Read
GetKeyRotationStatus	Controls permission to view the key rotation status for an AWS KMS key	Read
GetParametersForImport	Controls permission to get data that is required to import cryptographic material into a customer managed key, including a public key and import token	Read
GetPublicKey	Controls permission to download the public key of an asymmetric AWS KMS key	Read
ListAliases	Controls permission to view the aliases that are defined in the account. Aliases are optional friendly names that you can associate with AWS KMS keys	List
ListGrants	Controls permission to view all grants for an AWS KMS key	List
ListKeyPolicies	Controls permission to view the names of key policies for an AWS KMS key	List
ListKeyRotations	Controls permission to view the list of key materials for an AWS KMS key	List
ListKeys	Controls permission to view the key ID and Amazon Resource Name (ARN) of all AWS KMS keys in the account	List
ListResourceTags	Controls permission to view all tags that are attached to an AWS KMS key	List
ListRetirableGrants	Controls permission to view grants in which the specified principal is the retiring principal. Other principals might be able to retire the grant and this principal might be able to retire other grants	List

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Amazon Kendra Intelligent Ranking

Amazon Keyspaces (for Apache Cassandra)