1. Docs
  2. Reference
  3. API
  4. AWS
  5. kms
  6. GetKey

GetKey

Use this data source to get detailed information about the specified KMS Key with flexible key id input. This can be useful to reference key alias without having to hard code the ARN as input.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var foo = Output.Create(Aws.Kms.GetKey.InvokeAsync(new Aws.Kms.GetKeyArgs
        {
            KeyId = "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
        }));
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/kms"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := kms.LookupKey(ctx, &kms.LookupKeyArgs{
            KeyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
        }, nil)
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_aws as aws

foo = aws.kms.get_key(key_id="arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = pulumi.output(aws.kms.getKey({
    keyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
}, { async: true }));

Using GetKey

function getKey(args: GetKeyArgs, opts?: InvokeOptions): Promise<GetKeyResult>
function  get_key(grant_tokens=None, key_id=None, opts=None)
func LookupKey(ctx *Context, args *LookupKeyArgs, opts ...InvokeOption) (*LookupKeyResult, error)

Note: This function is named LookupKey in the Go SDK.

public static class GetKey {
    public static Task<GetKeyResult> InvokeAsync(GetKeyArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

KeyId string

Key identifier which can be one of the following format: * Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab * Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab * Alias name. E.g.: alias/my-key * Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key

GrantTokens List<string>

List of grant tokens

KeyId string

Key identifier which can be one of the following format: * Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab * Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab * Alias name. E.g.: alias/my-key * Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key

GrantTokens []string

List of grant tokens

keyId string

Key identifier which can be one of the following format: * Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab * Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab * Alias name. E.g.: alias/my-key * Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key

grantTokens string[]

List of grant tokens

key_id str

Key identifier which can be one of the following format: * Key ID. E.g: 1234abcd-12ab-34cd-56ef-1234567890ab * Key ARN. E.g.: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab * Alias name. E.g.: alias/my-key * Alias ARN: E.g.: arn:aws:kms:us-east-1:111122223333:alias/my-key

grant_tokens List[str]

List of grant tokens

GetKey Result

The following output properties are available:

Arn string
AwsAccountId string
CreationDate string
CustomerMasterKeySpec string
DeletionDate string
Description string
Enabled bool
ExpirationModel string
Id string

The provider-assigned unique ID for this managed resource.

KeyId string
KeyManager string
KeyState string
KeyUsage string
Origin string
ValidTo string
GrantTokens List<string>
Arn string
AwsAccountId string
CreationDate string
CustomerMasterKeySpec string
DeletionDate string
Description string
Enabled bool
ExpirationModel string
Id string

The provider-assigned unique ID for this managed resource.

KeyId string
KeyManager string
KeyState string
KeyUsage string
Origin string
ValidTo string
GrantTokens []string
arn string
awsAccountId string
creationDate string
customerMasterKeySpec string
deletionDate string
description string
enabled boolean
expirationModel string
id string

The provider-assigned unique ID for this managed resource.

keyId string
keyManager string
keyState string
keyUsage string
origin string
validTo string
grantTokens string[]
arn str
aws_account_id str
creation_date str
customer_master_key_spec str
deletion_date str
description str
enabled bool
expiration_model str
id str

The provider-assigned unique ID for this managed resource.

key_id str
key_manager str
key_state str
key_usage str
origin str
valid_to str
grant_tokens List[str]

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes
This Pulumi package is based on the aws Terraform Provider.