ListKeys
Lists the keys in the caller's AWS account and AWS Region. You can filter the list of keys.
This is a paginated operation, which means that each response might contain only a subset of all the keys.
When the response contains only a subset of keys, it includes a NextToken
value. Use this value in a subsequent ListKeys
request to get more keys.
When you receive a response with no NextToken (or an empty or null value), that means there are no more keys to get.
Cross-account use: This operation can't be used across different AWS accounts.
Related operations:
Request Syntax
{
"KeyState": "string
",
"MaxResults": number
,
"NextToken": "string
"
}
Request Parameters
The request accepts the following data in JSON format.
- KeyState
-
The key state of the keys you want to list.
Type: String
Valid Values:
CREATE_IN_PROGRESS | CREATE_COMPLETE | DELETE_PENDING | DELETE_COMPLETE
Required: No
- MaxResults
-
Use this parameter to specify the maximum number of items to return. When this value is present, AWS Payment Cryptography does not return more than the specified number of items, but it might return fewer.
This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 100.
Required: No
- NextToken
-
Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of
NextToken
from the truncated response you just received.Type: String
Length Constraints: Minimum length of 1. Maximum length of 8192.
Required: No
Response Syntax
{
"Keys": [
{
"Enabled": boolean,
"Exportable": boolean,
"KeyArn": "string",
"KeyAttributes": {
"KeyAlgorithm": "string",
"KeyClass": "string",
"KeyModesOfUse": {
"Decrypt": boolean,
"DeriveKey": boolean,
"Encrypt": boolean,
"Generate": boolean,
"NoRestrictions": boolean,
"Sign": boolean,
"Unwrap": boolean,
"Verify": boolean,
"Wrap": boolean
},
"KeyUsage": "string"
},
"KeyCheckValue": "string",
"KeyState": "string"
}
],
"NextToken": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- Keys
-
The list of keys created within the caller's AWS account and AWS Region.
Type: Array of KeySummary objects
- NextToken
-
The token for the next set of results, or an empty or null value if there are no more results.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 8192.
Errors
- AccessDeniedException
-
You do not have sufficient access to perform this action.
HTTP Status Code: 400
- InternalServerException
-
The request processing has failed because of an unknown error, exception, or failure.
HTTP Status Code: 500
- ResourceNotFoundException
-
The request was denied due to an invalid resource error.
HTTP Status Code: 400
- ServiceUnavailableException
-
The service cannot complete the request.
HTTP Status Code: 500
- ThrottlingException
-
The request was denied due to request throttling.
HTTP Status Code: 400
- ValidationException
-
The request was denied due to an invalid request error.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: