Find the KMS keys in an AWS CloudHSM key store
If you manage an AWS CloudHSM key store, you might need to identify the KMS keys in each AWS CloudHSM key store. You can use this information to track the KMS key operations in AWS CloudTrail logs, predict the effect of disconnecting a custom key store on KMS keys, or schedule deletion of KMS keys before you delete an AWS CloudHSM key store.
To find the KMS keys in an AWS CloudHSM key store (console)
To find the KMS keys in a particular AWS CloudHSM key store, on the Customer managed keys page, view the values in the Custom Key Store Name or Custom Key Store ID fields. To identify KMS keys in any AWS CloudHSM key store, look for KMS keys with an Origin value of AWS CloudHSM. To add optional columns to the display, choose the gear icon in the upper right corner of the page.
To find the KMS keys in an AWS CloudHSM key store (API)
To find the KMS keys in an AWS CloudHSM key store, use the ListKeys and DescribeKey operations and then filter by
CustomKeyStoreId
value. Before running the following examples, replace the
fictitious custom key store ID values with a valid value.