KeySummary

Metadata about an AWS Payment Cryptography key.

Enabled

Specifies whether the key is enabled.

Type: Boolean

Required: Yes

Exportable

Specifies whether the key is exportable. This data is immutable after the key is created.

Type: Boolean

Required: Yes

KeyArn

The Amazon Resource Name (ARN) of the key.

Type: String

Length Constraints: Minimum length of 70. Maximum length of 150.

Pattern: arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:key/[0-9a-zA-Z]{16,64}

Required: Yes

KeyAttributes

The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.

Type: KeyAttributes object

Required: Yes

KeyCheckValue

The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Type: String

Length Constraints: Minimum length of 4. Maximum length of 16.

Pattern: [0-9a-fA-F]+

Required: Yes

KeyState

The state of an AWS Payment Cryptography that is being created or deleted.

Type: String

Valid Values: CREATE_IN_PROGRESS | CREATE_COMPLETE | DELETE_PENDING | DELETE_COMPLETE

Required: Yes

MultiRegionKeyType

Indicates whether this key is a multi-region key and its role in the multi-region key hierarchy.

Multi-region keys allow the same key material to be used across multiple AWS Regions. This field specifies whether the key is a primary key (which can be replicated to other regions) or a replica key (which is a copy of a primary key in another region).

Type: String

Valid Values: PRIMARY | REPLICA

Required: No

PrimaryRegion

An AWS Region identifier in the standard format (e.g., us-east-1, eu-west-1).

Used to specify regions for key replication operations. The region must be a valid AWS Region where AWS Payment Cryptography is available.

Type: String

Pattern: [a-z]{2}-[a-z]{1,16}-[0-9]+

Required: No

KeySummary

Contents

See Also