Gets information about custom key stores
in the account and region.
This operation is part of the Custom Key Store feature
feature in AWS KMS, which combines the convenience and extensive integration of AWS KMS with the isolation and control of a single-tenant key store.
By default, this operation returns information about all custom key stores in the account and region. To get only information about a particular custom key store, use either the
parameter (but not both).
To determine whether the custom key store is connected to its AWS CloudHSM cluster, use the
element in the response. If an attempt to connect the custom key store failed, the
element in the response indicates the cause of the failure. For help interpreting the
, see CustomKeyStoresListEntry
Custom key stores have a
connection state if the key store has never been connected or you use the DisconnectCustomKeyStore
operation to disconnect it. If your custom key store state is
but you are having trouble using it, make sure that its associated AWS CloudHSM cluster is active and contains the minimum number of HSMs required for the operation, if any.
For help repairing your custom key store, see the Troubleshooting Custom Key Stores
topic in the AWS Key Management Service Developer Guide
. Cross-account use
: No. You cannot perform this operation on a custom key store in a different AWS account. Required permissions
(IAM policy) Related operations:
This cmdlet automatically pages all available results to the pipeline - parameters related to iteration are only needed if you want to manually control the paginated output. To disable autopagination, use -NoAutoIteration.