1. Packages
  2. Alibaba Cloud Provider
  3. API Docs
  4. kms
  5. Key
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

alicloud.kms.Key

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

    Provides a KMS Key resource.

    For information about KMS Key and how to use it, see What is Key.

    NOTE: Available since v1.85.0.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    const _default = new alicloud.kms.Key("default", {
        description: "Hello KMS",
        status: "Enabled",
        pendingWindowInDays: 7,
    });
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    default = alicloud.kms.Key("default",
        description="Hello KMS",
        status="Enabled",
        pending_window_in_days=7)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := kms.NewKey(ctx, "default", &kms.KeyArgs{
    			Description:         pulumi.String("Hello KMS"),
    			Status:              pulumi.String("Enabled"),
    			PendingWindowInDays: pulumi.Int(7),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = new AliCloud.Kms.Key("default", new()
        {
            Description = "Hello KMS",
            Status = "Enabled",
            PendingWindowInDays = 7,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.kms.Key;
    import com.pulumi.alicloud.kms.KeyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new Key("default", KeyArgs.builder()
                .description("Hello KMS")
                .status("Enabled")
                .pendingWindowInDays("7")
                .build());
    
        }
    }
    
    resources:
      default:
        type: alicloud:kms:Key
        properties:
          description: Hello KMS
          status: Enabled
          pendingWindowInDays: '7'
    

    Create Key Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Key(name: string, args?: KeyArgs, opts?: CustomResourceOptions);
    @overload
    def Key(resource_name: str,
            args: Optional[KeyArgs] = None,
            opts: Optional[ResourceOptions] = None)
    
    @overload
    def Key(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            automatic_rotation: Optional[str] = None,
            deletion_window_in_days: Optional[int] = None,
            description: Optional[str] = None,
            dkms_instance_id: Optional[str] = None,
            is_enabled: Optional[bool] = None,
            key_spec: Optional[str] = None,
            key_state: Optional[str] = None,
            key_usage: Optional[str] = None,
            origin: Optional[str] = None,
            pending_window_in_days: Optional[int] = None,
            policy: Optional[str] = None,
            protection_level: Optional[str] = None,
            rotation_interval: Optional[str] = None,
            status: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None)
    func NewKey(ctx *Context, name string, args *KeyArgs, opts ...ResourceOption) (*Key, error)
    public Key(string name, KeyArgs? args = null, CustomResourceOptions? opts = null)
    public Key(String name, KeyArgs args)
    public Key(String name, KeyArgs args, CustomResourceOptions options)
    
    type: alicloud:kms:Key
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var keyResource = new AliCloud.Kms.Key("keyResource", new()
    {
        AutomaticRotation = "string",
        Description = "string",
        DkmsInstanceId = "string",
        KeySpec = "string",
        KeyUsage = "string",
        Origin = "string",
        PendingWindowInDays = 0,
        Policy = "string",
        ProtectionLevel = "string",
        RotationInterval = "string",
        Status = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := kms.NewKey(ctx, "keyResource", &kms.KeyArgs{
    	AutomaticRotation:   pulumi.String("string"),
    	Description:         pulumi.String("string"),
    	DkmsInstanceId:      pulumi.String("string"),
    	KeySpec:             pulumi.String("string"),
    	KeyUsage:            pulumi.String("string"),
    	Origin:              pulumi.String("string"),
    	PendingWindowInDays: pulumi.Int(0),
    	Policy:              pulumi.String("string"),
    	ProtectionLevel:     pulumi.String("string"),
    	RotationInterval:    pulumi.String("string"),
    	Status:              pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var keyResource = new Key("keyResource", KeyArgs.builder()
        .automaticRotation("string")
        .description("string")
        .dkmsInstanceId("string")
        .keySpec("string")
        .keyUsage("string")
        .origin("string")
        .pendingWindowInDays(0)
        .policy("string")
        .protectionLevel("string")
        .rotationInterval("string")
        .status("string")
        .tags(Map.of("string", "string"))
        .build());
    
    key_resource = alicloud.kms.Key("keyResource",
        automatic_rotation="string",
        description="string",
        dkms_instance_id="string",
        key_spec="string",
        key_usage="string",
        origin="string",
        pending_window_in_days=0,
        policy="string",
        protection_level="string",
        rotation_interval="string",
        status="string",
        tags={
            "string": "string",
        })
    
    const keyResource = new alicloud.kms.Key("keyResource", {
        automaticRotation: "string",
        description: "string",
        dkmsInstanceId: "string",
        keySpec: "string",
        keyUsage: "string",
        origin: "string",
        pendingWindowInDays: 0,
        policy: "string",
        protectionLevel: "string",
        rotationInterval: "string",
        status: "string",
        tags: {
            string: "string",
        },
    });
    
    type: alicloud:kms:Key
    properties:
        automaticRotation: string
        description: string
        dkmsInstanceId: string
        keySpec: string
        keyUsage: string
        origin: string
        pendingWindowInDays: 0
        policy: string
        protectionLevel: string
        rotationInterval: string
        status: string
        tags:
            string: string
    

    Key Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Key resource accepts the following input properties:

    AutomaticRotation string
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    DeletionWindowInDays int
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Description string
    The description of the key.
    DkmsInstanceId string
    The ID of the KMS instance.
    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    KeySpec string
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    KeyStatus string
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    KeyUsage string
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    Origin string
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    PendingWindowInDays int
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    Policy string
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    ProtectionLevel string
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    RotationInterval string
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    Status string
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    AutomaticRotation string
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    DeletionWindowInDays int
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Description string
    The description of the key.
    DkmsInstanceId string
    The ID of the KMS instance.
    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    KeySpec string
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    KeyState string
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    KeyUsage string
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    Origin string
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    PendingWindowInDays int
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    Policy string
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    ProtectionLevel string
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    RotationInterval string
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    Status string
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    Tags map[string]string
    A mapping of tags to assign to the resource.
    automaticRotation String
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    deletionWindowInDays Integer
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description String
    The description of the key.
    dkmsInstanceId String
    The ID of the KMS instance.
    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    keySpec String
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    keyState String
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    keyUsage String
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    origin String
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pendingWindowInDays Integer
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy String
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    protectionLevel String
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotationInterval String
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status String
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    automaticRotation string
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    deletionWindowInDays number
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description string
    The description of the key.
    dkmsInstanceId string
    The ID of the KMS instance.
    isEnabled boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    keySpec string
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    keyState string
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    keyUsage string
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    origin string
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pendingWindowInDays number
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy string
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    protectionLevel string
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotationInterval string
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status string
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    automatic_rotation str
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    deletion_window_in_days int
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description str
    The description of the key.
    dkms_instance_id str
    The ID of the KMS instance.
    is_enabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    key_spec str
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    key_state str
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    key_usage str
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    origin str
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pending_window_in_days int
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy str
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    protection_level str
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotation_interval str
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status str
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    automaticRotation String
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    deletionWindowInDays Number
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description String
    The description of the key.
    dkmsInstanceId String
    The ID of the KMS instance.
    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    keySpec String
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    keyState String
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    keyUsage String
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    origin String
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pendingWindowInDays Number
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy String
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    protectionLevel String
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotationInterval String
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status String
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags Map<String>
    A mapping of tags to assign to the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Key resource produces the following output properties:

    Arn string
    The ARN of the key.
    CreationDate string
    The time when the CMK was created.
    Creator string
    The creator of the CMK.
    DeleteDate string
    The time at which the CMK is scheduled for deletion.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastRotationDate string
    The time when the last rotation was performed.
    MaterialExpireTime string
    The time when the key material expires.
    NextRotationDate string
    The time when the next rotation will be performed.
    PrimaryKeyVersion string
    The ID of the current primary key version of the symmetric CMK.
    Arn string
    The ARN of the key.
    CreationDate string
    The time when the CMK was created.
    Creator string
    The creator of the CMK.
    DeleteDate string
    The time at which the CMK is scheduled for deletion.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastRotationDate string
    The time when the last rotation was performed.
    MaterialExpireTime string
    The time when the key material expires.
    NextRotationDate string
    The time when the next rotation will be performed.
    PrimaryKeyVersion string
    The ID of the current primary key version of the symmetric CMK.
    arn String
    The ARN of the key.
    creationDate String
    The time when the CMK was created.
    creator String
    The creator of the CMK.
    deleteDate String
    The time at which the CMK is scheduled for deletion.
    id String
    The provider-assigned unique ID for this managed resource.
    lastRotationDate String
    The time when the last rotation was performed.
    materialExpireTime String
    The time when the key material expires.
    nextRotationDate String
    The time when the next rotation will be performed.
    primaryKeyVersion String
    The ID of the current primary key version of the symmetric CMK.
    arn string
    The ARN of the key.
    creationDate string
    The time when the CMK was created.
    creator string
    The creator of the CMK.
    deleteDate string
    The time at which the CMK is scheduled for deletion.
    id string
    The provider-assigned unique ID for this managed resource.
    lastRotationDate string
    The time when the last rotation was performed.
    materialExpireTime string
    The time when the key material expires.
    nextRotationDate string
    The time when the next rotation will be performed.
    primaryKeyVersion string
    The ID of the current primary key version of the symmetric CMK.
    arn str
    The ARN of the key.
    creation_date str
    The time when the CMK was created.
    creator str
    The creator of the CMK.
    delete_date str
    The time at which the CMK is scheduled for deletion.
    id str
    The provider-assigned unique ID for this managed resource.
    last_rotation_date str
    The time when the last rotation was performed.
    material_expire_time str
    The time when the key material expires.
    next_rotation_date str
    The time when the next rotation will be performed.
    primary_key_version str
    The ID of the current primary key version of the symmetric CMK.
    arn String
    The ARN of the key.
    creationDate String
    The time when the CMK was created.
    creator String
    The creator of the CMK.
    deleteDate String
    The time at which the CMK is scheduled for deletion.
    id String
    The provider-assigned unique ID for this managed resource.
    lastRotationDate String
    The time when the last rotation was performed.
    materialExpireTime String
    The time when the key material expires.
    nextRotationDate String
    The time when the next rotation will be performed.
    primaryKeyVersion String
    The ID of the current primary key version of the symmetric CMK.

    Look up Existing Key Resource

    Get an existing Key resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: KeyState, opts?: CustomResourceOptions): Key
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            automatic_rotation: Optional[str] = None,
            creation_date: Optional[str] = None,
            creator: Optional[str] = None,
            delete_date: Optional[str] = None,
            deletion_window_in_days: Optional[int] = None,
            description: Optional[str] = None,
            dkms_instance_id: Optional[str] = None,
            is_enabled: Optional[bool] = None,
            key_spec: Optional[str] = None,
            key_state: Optional[str] = None,
            key_usage: Optional[str] = None,
            last_rotation_date: Optional[str] = None,
            material_expire_time: Optional[str] = None,
            next_rotation_date: Optional[str] = None,
            origin: Optional[str] = None,
            pending_window_in_days: Optional[int] = None,
            policy: Optional[str] = None,
            primary_key_version: Optional[str] = None,
            protection_level: Optional[str] = None,
            rotation_interval: Optional[str] = None,
            status: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None) -> Key
    func GetKey(ctx *Context, name string, id IDInput, state *KeyState, opts ...ResourceOption) (*Key, error)
    public static Key Get(string name, Input<string> id, KeyState? state, CustomResourceOptions? opts = null)
    public static Key get(String name, Output<String> id, KeyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    The ARN of the key.
    AutomaticRotation string
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    CreationDate string
    The time when the CMK was created.
    Creator string
    The creator of the CMK.
    DeleteDate string
    The time at which the CMK is scheduled for deletion.
    DeletionWindowInDays int
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Description string
    The description of the key.
    DkmsInstanceId string
    The ID of the KMS instance.
    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    KeySpec string
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    KeyStatus string
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    KeyUsage string
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    LastRotationDate string
    The time when the last rotation was performed.
    MaterialExpireTime string
    The time when the key material expires.
    NextRotationDate string
    The time when the next rotation will be performed.
    Origin string
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    PendingWindowInDays int
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    Policy string
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    PrimaryKeyVersion string
    The ID of the current primary key version of the symmetric CMK.
    ProtectionLevel string
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    RotationInterval string
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    Status string
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    Arn string
    The ARN of the key.
    AutomaticRotation string
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    CreationDate string
    The time when the CMK was created.
    Creator string
    The creator of the CMK.
    DeleteDate string
    The time at which the CMK is scheduled for deletion.
    DeletionWindowInDays int
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Description string
    The description of the key.
    DkmsInstanceId string
    The ID of the KMS instance.
    IsEnabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    KeySpec string
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    KeyState string
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    KeyUsage string
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    LastRotationDate string
    The time when the last rotation was performed.
    MaterialExpireTime string
    The time when the key material expires.
    NextRotationDate string
    The time when the next rotation will be performed.
    Origin string
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    PendingWindowInDays int
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    Policy string
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    PrimaryKeyVersion string
    The ID of the current primary key version of the symmetric CMK.
    ProtectionLevel string
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    RotationInterval string
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    Status string
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    Tags map[string]string
    A mapping of tags to assign to the resource.
    arn String
    The ARN of the key.
    automaticRotation String
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    creationDate String
    The time when the CMK was created.
    creator String
    The creator of the CMK.
    deleteDate String
    The time at which the CMK is scheduled for deletion.
    deletionWindowInDays Integer
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description String
    The description of the key.
    dkmsInstanceId String
    The ID of the KMS instance.
    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    keySpec String
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    keyState String
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    keyUsage String
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    lastRotationDate String
    The time when the last rotation was performed.
    materialExpireTime String
    The time when the key material expires.
    nextRotationDate String
    The time when the next rotation will be performed.
    origin String
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pendingWindowInDays Integer
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy String
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    primaryKeyVersion String
    The ID of the current primary key version of the symmetric CMK.
    protectionLevel String
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotationInterval String
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status String
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    arn string
    The ARN of the key.
    automaticRotation string
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    creationDate string
    The time when the CMK was created.
    creator string
    The creator of the CMK.
    deleteDate string
    The time at which the CMK is scheduled for deletion.
    deletionWindowInDays number
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description string
    The description of the key.
    dkmsInstanceId string
    The ID of the KMS instance.
    isEnabled boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    keySpec string
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    keyState string
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    keyUsage string
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    lastRotationDate string
    The time when the last rotation was performed.
    materialExpireTime string
    The time when the key material expires.
    nextRotationDate string
    The time when the next rotation will be performed.
    origin string
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pendingWindowInDays number
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy string
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    primaryKeyVersion string
    The ID of the current primary key version of the symmetric CMK.
    protectionLevel string
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotationInterval string
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status string
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    arn str
    The ARN of the key.
    automatic_rotation str
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    creation_date str
    The time when the CMK was created.
    creator str
    The creator of the CMK.
    delete_date str
    The time at which the CMK is scheduled for deletion.
    deletion_window_in_days int
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description str
    The description of the key.
    dkms_instance_id str
    The ID of the KMS instance.
    is_enabled bool

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    key_spec str
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    key_state str
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    key_usage str
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    last_rotation_date str
    The time when the last rotation was performed.
    material_expire_time str
    The time when the key material expires.
    next_rotation_date str
    The time when the next rotation will be performed.
    origin str
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pending_window_in_days int
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy str
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    primary_key_version str
    The ID of the current primary key version of the symmetric CMK.
    protection_level str
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotation_interval str
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status str
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    arn String
    The ARN of the key.
    automaticRotation String
    Specifies whether to enable automatic key rotation. Default value: Disabled. Valid values: Enabled, Disabled.
    creationDate String
    The time when the CMK was created.
    creator String
    The creator of the CMK.
    deleteDate String
    The time at which the CMK is scheduled for deletion.
    deletionWindowInDays Number
    Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    Deprecated: Field deletion_window_in_days has been deprecated from provider version 1.85.0. New field pending_window_in_days instead.

    description String
    The description of the key.
    dkmsInstanceId String
    The ID of the KMS instance.
    isEnabled Boolean

    Field is_enabled has been deprecated from provider version 1.85.0. New field status instead.

    NOTE: If you set the origin parameter to EXTERNAL or the key_spec parameter to an asymmetric CMK type, automatic key rotation is unavailable.

    NOTE: The default type of the CMK is Aliyun_AES_256. Only Dedicated KMS supports Aliyun_AES_128 and Aliyun_AES_192.

    NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

    Deprecated: Field is_enabled has been deprecated from provider version 1.85.0. New field key_state instead.

    keySpec String
    The specification of the key. Default value: Aliyun_AES_256. Valid values: Aliyun_AES_256, Aliyun_AES_128, Aliyun_AES_192, Aliyun_SM4, RSA_2048, RSA_3072, EC_P256, EC_P256K, EC_SM2.
    keyState String
    Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    Deprecated: Field key_state has been deprecated from provider version 1.123.1. New field status instead.

    keyUsage String
    The usage of the key. Default value: ENCRYPT/DECRYPT. Valid values:

    • ENCRYPT/DECRYPT: Encrypts or decrypts data.
    • SIGN/VERIFY: Generates or verifies a digital signature.
    lastRotationDate String
    The time when the last rotation was performed.
    materialExpireTime String
    The time when the key material expires.
    nextRotationDate String
    The time when the next rotation will be performed.
    origin String
    The key material origin. Default value: Aliyun_KMS. Valid values: Aliyun_KMS, EXTERNAL.
    pendingWindowInDays Number
    The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Unit: days. Valid values: 7 to 366. NOTE: From version 1.184.0, pending_window_in_days can be set to 366.
    policy String
    The content of the key policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
    primaryKeyVersion String
    The ID of the current primary key version of the symmetric CMK.
    protectionLevel String
    The protection level of the key. Default value: SOFTWARE. Valid values: SOFTWARE, HSM.
    rotationInterval String
    The period of automatic key rotation. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. NOTE: If automatic_rotation is set to Enabled, rotation_interval is required.
    status String
    The status of key. Default value: Enabled. Valid values: Enabled, Disabled, PendingDeletion.
    tags Map<String>
    A mapping of tags to assign to the resource.

    Import

    KMS Key can be imported using the id, e.g.

    $ pulumi import alicloud:kms/key:Key example <id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi