Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
XksProxyAuthenticationCredentialType - AWS Key Management Service
ContentsSee Also

XksProxyAuthenticationCredentialType

PDF

AWS KMS uses the authentication credential to sign requests that it sends to the external key store proxy (XKS proxy) on your behalf. You establish these credentials on your external key store proxy and report them to AWS KMS.

The XksProxyAuthenticationCredential includes two required elements.

Contents

Note

In the following list, the required parameters are described first.

AccessKeyId

A unique identifier for the raw secret access key.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 30.

Pattern: ^[A-Z2-7]+$

Required: Yes

RawSecretAccessKey

A secret string of 43-64 characters. Valid characters are a-z, A-Z, 0-9, /, +, and =.

Type: String

Length Constraints: Minimum length of 43. Maximum length of 64.

Pattern: ^[a-zA-Z0-9\/+=]+$

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.