AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

This is the response object from the UpdateCustomKeyStore operation.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AmazonWebServiceResponse
    Amazon.KeyManagementService.Model.UpdateCustomKeyStoreResponse

Namespace: Amazon.KeyManagementService.Model
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z

Syntax

C# 
public class UpdateCustomKeyStoreResponse : AmazonWebServiceResponse

The UpdateCustomKeyStoreResponse type exposes the following members

Constructors

NameDescription
Public Method UpdateCustomKeyStoreResponse()

Properties

NameTypeDescription
Public Property ContentLength System.Int64 Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property HttpStatusCode System.Net.HttpStatusCode Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property ResponseMetadata Amazon.Runtime.ResponseMetadata Inherited from Amazon.Runtime.AmazonWebServiceResponse.

Examples

This example changes the friendly name of the AWS KMS custom key store to the name that you specify. This operation does not return any data. To verify that the operation worked, use the DescribeCustomKeyStores operation.

To edit the friendly name of a custom key store


var client = new AmazonKeyManagementServiceClient();
var response = client.UpdateCustomKeyStore(new UpdateCustomKeyStoreRequest 
{
    CustomKeyStoreId = "cks-1234567890abcdef0", // The ID of the custom key store that you are updating.
    NewCustomKeyStoreName = "DevelopmentKeys" // A new friendly name for the custom key store.
});

This example tells AWS KMS the password for the kmsuser crypto user in the AWS CloudHSM cluster that is associated with the AWS KMS custom key store. (It does not change the password in the CloudHSM cluster.) This operation does not return any data.

To edit the password of an AWS CloudHSM key store


var client = new AmazonKeyManagementServiceClient();
var response = client.UpdateCustomKeyStore(new UpdateCustomKeyStoreRequest 
{
    CustomKeyStoreId = "cks-1234567890abcdef0", // The ID of the custom key store that you are updating.
    KeyStorePassword = "ExamplePassword" // The password for the kmsuser crypto user in the CloudHSM cluster.
});

This example changes the AWS CloudHSM cluster that is associated with an AWS CloudHSM key store to a related cluster, such as a different backup of the same cluster. This operation does not return any data. To verify that the operation worked, use the DescribeCustomKeyStores operation.

To associate the custom key store with a different, but related, AWS CloudHSM cluster.


var client = new AmazonKeyManagementServiceClient();
var response = client.UpdateCustomKeyStore(new UpdateCustomKeyStoreRequest 
{
    CloudHsmClusterId = "cluster-234abcdefABC", // The ID of the AWS CloudHSM cluster that you want to associate with the custom key store. This cluster must be related to the original CloudHSM cluster for this key store.
    CustomKeyStoreId = "cks-1234567890abcdef0" // The ID of the custom key store that you are updating.
});

To update the proxy authentication credential for your external key store, specify both the RawSecretAccessKey and the AccessKeyId, even if you are changing only one of the values. You can use this feature to fix an invalid credential or to change the credential when the external key store proxy rotates it.

To update the proxy authentication credential of an external key store


var client = new AmazonKeyManagementServiceClient();
var response = client.UpdateCustomKeyStore(new UpdateCustomKeyStoreRequest 
{
    CustomKeyStoreId = "cks-1234567890abcdef0", // Identifies the custom key store
    XksProxyAuthenticationCredential = new XksProxyAuthenticationCredentialType {
        AccessKeyId = "ABCDE12345670EXAMPLE",
        RawSecretAccessKey = "DXjSUawnel2fr6SKC7G25CNxTyWKE5PF9XX6H/u9pSo="
    } // Specifies the values in the proxy authentication credential
});

This example updates the proxy URI path for an external key store

To edit the proxy URI path of an external key store.


var client = new AmazonKeyManagementServiceClient();
var response = client.UpdateCustomKeyStore(new UpdateCustomKeyStoreRequest 
{
    CustomKeyStoreId = "cks-1234567890abcdef0", // The ID of the custom key store that you are updating
    XksProxyUriPath = "/new-path/kms/xks/v1" // The URI path to the external key store proxy APIs
});

To change the external key store proxy connectivity option from public endpoint connectivity to VPC endpoint service connectivity, in addition to changing the XksProxyConnectivity value, you must change the XksProxyUriEndpoint value to reflect the private DNS name associated with the VPC endpoint service. You must also add an XksProxyVpcEndpointServiceName value.

To update the proxy connectivity of an external key store to VPC_ENDPOINT_SERVICE


var client = new AmazonKeyManagementServiceClient();
var response = client.UpdateCustomKeyStore(new UpdateCustomKeyStoreRequest 
{
    CustomKeyStoreId = "cks-1234567890abcdef0", // Identifies the custom key store
    XksProxyConnectivity = "VPC_ENDPOINT_SERVICE", // Specifies the connectivity option
    XksProxyUriEndpoint = "https://myproxy-private.xks.example.com", // Specifies the URI endpoint that AWS KMS uses when communicating with the external key store proxy
    XksProxyVpcEndpointServiceName = "com.amazonaws.vpce.us-east-1.vpce-svc-example" // Specifies the name of the VPC endpoint service that the proxy uses for communication
});

Version Information

.NET Core App:
Supported in: 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.5, 4.0, 3.5