ListKeys - AWS Payment Cryptography Control Plane
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsSee Also

ListKeys

Lists the keys in the caller's AWS account and AWS Region. You can filter the list of keys.

This is a paginated operation, which means that each response might contain only a subset of all the keys. When the response contains only a subset of keys, it includes a NextToken value. Use this value in a subsequent ListKeys request to get more keys. When you receive a response with no NextToken (or an empty or null value), that means there are no more keys to get.

Cross-account use: This operation can't be used across different AWS accounts.

Related operations:

Request Syntax

{
   "KeyState": "string",
   "MaxResults": number,
   "NextToken": "string"
}

Request Parameters

The request accepts the following data in JSON format.

KeyState

The key state of the keys you want to list.

Type: String

Valid Values: CREATE_IN_PROGRESS | CREATE_COMPLETE | DELETE_PENDING | DELETE_COMPLETE

Required: No

MaxResults

Use this parameter to specify the maximum number of items to return. When this value is present, AWS Payment Cryptography does not return more than the specified number of items, but it might return fewer.

This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 100.

Required: No

NextToken

Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the truncated response you just received.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

Required: No

Response Syntax

{
   "Keys": [ 
      { 
         "Enabled": boolean,
         "Exportable": boolean,
         "KeyArn": "string",
         "KeyAttributes": { 
            "KeyAlgorithm": "string",
            "KeyClass": "string",
            "KeyModesOfUse": { 
               "Decrypt": boolean,
               "DeriveKey": boolean,
               "Encrypt": boolean,
               "Generate": boolean,
               "NoRestrictions": boolean,
               "Sign": boolean,
               "Unwrap": boolean,
               "Verify": boolean,
               "Wrap": boolean
            },
            "KeyUsage": "string"
         },
         "KeyCheckValue": "string",
         "KeyState": "string",
         "MultiRegionKeyType": "string",
         "PrimaryRegion": "string"
      }
   ],
   "NextToken": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

Keys

The list of keys created within the caller's AWS account and AWS Region.

Type: Array of KeySummary objects

NextToken

The token for the next set of results, or an empty or null value if there are no more results.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

Errors

AccessDeniedException

You do not have sufficient access to perform this action.

This exception is thrown when the caller lacks the necessary IAM permissions to perform the requested operation. Verify that your IAM policy includes the required permissions for the specific AWS Payment Cryptography action you're attempting.

HTTP Status Code: 400

InternalServerException

The request processing has failed because of an unknown error, exception, or failure.

This indicates a server-side error within the AWS Payment Cryptography service. If this error persists, contact support for assistance.

HTTP Status Code: 500

ResourceNotFoundException

The request was denied due to resource not found.

The specified key, alias, or other resource does not exist in your account or region. Verify that the resource identifier is correct and that the resource exists in the expected region.

HTTP Status Code: 400

ServiceUnavailableException

The service cannot complete the request.

The AWS Payment Cryptography service is temporarily unavailable. This is typically a temporary condition - retry your request after a brief delay.

HTTP Status Code: 500

ThrottlingException

The request was denied due to request throttling.

You have exceeded the rate limits for AWS Payment Cryptography API calls. Implement exponential backoff and retry logic in your application to handle throttling gracefully.

HTTP Status Code: 400

ValidationException

The request was denied due to an invalid request error.

One or more parameters in your request are invalid. Check the parameter values, formats, and constraints specified in the API documentation.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: