AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Gets a list of aliases in the caller's Amazon Web Services account and region. For more information about aliases, see CreateAlias.
By default, the ListAliases
operation returns all aliases in the account and
region. To get only the aliases associated with a particular KMS key, use the KeyId
parameter.
The ListAliases
response can include aliases that you created and associated
with your customer managed keys, and aliases that Amazon Web Services created and
associated with Amazon Web Services managed keys in your account. You can recognize
Amazon Web Services aliases because their names have the format aws/
,
such as aws/dynamodb
.
The response might also include aliases that have no TargetKeyId
field. These
are predefined aliases that Amazon Web Services has created but has not yet associated
with a KMS key. Aliases that Amazon Web Services creates in your account, including
predefined aliases, do not count against your KMS
aliases quota.
Cross-account use: No. ListAliases
does not return aliases in other
Amazon Web Services accounts.
Required permissions: kms:ListAliases (IAM policy)
For details, see Controlling access to aliases in the Key Management Service Developer Guide.
Related operations:
Eventual consistency: The KMS API follows an eventual consistency model. For more information, see KMS eventual consistency.
For .NET Core this operation is only available in asynchronous form. Please refer to ListAliasesAsync.
Namespace: Amazon.KeyManagementService
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z
public virtual ListAliasesResponse ListAliases( ListAliasesRequest request )
Container for the necessary parameters to execute the ListAliases service method.
Exception | Condition |
---|---|
DependencyTimeoutException | The system timed out while trying to fulfill the request. You can retry the request. |
InvalidArnException | The request was rejected because a specified ARN, or an ARN in a key policy, is not valid. |
InvalidMarkerException | The request was rejected because the marker that specifies where pagination should next begin is not valid. |
KMSInternalException | The request was rejected because an internal exception occurred. The request can be retried. |
NotFoundException | The request was rejected because the specified entity or resource could not be found. |
The following example lists aliases.
var client = new AmazonKeyManagementServiceClient(); var response = client.ListAliases(new ListAliasesRequest { }); List<AliasListEntry> aliases = response.Aliases; // A list of aliases, including the key ID of the KMS key that each alias refers to. bool truncated = response.Truncated; // A boolean that indicates whether there are more items in the list. Returns true when there are more items, or false when there are not.
.NET Framework:
Supported in: 4.5 and newer, 3.5