1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. paymentcryptography
  5. Key

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

aws-native.paymentcryptography.Key

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

    Definition of AWS::PaymentCryptography::Key Resource Type

    Create Key Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Key(name: string, args: KeyArgs, opts?: CustomResourceOptions);
    @overload
    def Key(resource_name: str,
            args: KeyArgs,
            opts: Optional[ResourceOptions] = None)
    
    @overload
    def Key(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            exportable: Optional[bool] = None,
            key_attributes: Optional[KeyAttributesArgs] = None,
            enabled: Optional[bool] = None,
            key_check_value_algorithm: Optional[KeyCheckValueAlgorithm] = None,
            tags: Optional[Sequence[_root_inputs.TagArgs]] = None)
    func NewKey(ctx *Context, name string, args KeyArgs, opts ...ResourceOption) (*Key, error)
    public Key(string name, KeyArgs args, CustomResourceOptions? opts = null)
    public Key(String name, KeyArgs args)
    public Key(String name, KeyArgs args, CustomResourceOptions options)
    
    type: aws-native:paymentcryptography:Key
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args KeyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Key Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Key resource accepts the following input properties:

    Exportable bool
    Specifies whether the key is exportable. This data is immutable after the key is created.
    KeyAttributes Pulumi.AwsNative.PaymentCryptography.Inputs.KeyAttributes
    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
    Enabled bool
    Specifies whether the key is enabled.
    KeyCheckValueAlgorithm Pulumi.AwsNative.PaymentCryptography.KeyCheckValueAlgorithm

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

    For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

    Tags List<Pulumi.AwsNative.Inputs.Tag>
    Exportable bool
    Specifies whether the key is exportable. This data is immutable after the key is created.
    KeyAttributes KeyAttributesArgs
    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
    Enabled bool
    Specifies whether the key is enabled.
    KeyCheckValueAlgorithm KeyCheckValueAlgorithm

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

    For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

    Tags TagArgs
    exportable Boolean
    Specifies whether the key is exportable. This data is immutable after the key is created.
    keyAttributes KeyAttributes
    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
    enabled Boolean
    Specifies whether the key is enabled.
    keyCheckValueAlgorithm KeyCheckValueAlgorithm

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

    For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

    tags List<Tag>
    exportable boolean
    Specifies whether the key is exportable. This data is immutable after the key is created.
    keyAttributes KeyAttributes
    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
    enabled boolean
    Specifies whether the key is enabled.
    keyCheckValueAlgorithm KeyCheckValueAlgorithm

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

    For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

    tags Tag[]
    exportable bool
    Specifies whether the key is exportable. This data is immutable after the key is created.
    key_attributes KeyAttributesArgs
    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
    enabled bool
    Specifies whether the key is enabled.
    key_check_value_algorithm KeyCheckValueAlgorithm

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

    For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

    tags Sequence[TagArgs]
    exportable Boolean
    Specifies whether the key is exportable. This data is immutable after the key is created.
    keyAttributes Property Map
    The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
    enabled Boolean
    Specifies whether the key is enabled.
    keyCheckValueAlgorithm "CMAC" | "ANSI_X9_24"

    The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

    For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

    tags List<Property Map>

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Key resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    KeyIdentifier string
    KeyOrigin Pulumi.AwsNative.PaymentCryptography.KeyOrigin
    The source of the key material. For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .
    KeyState Pulumi.AwsNative.PaymentCryptography.KeyState
    The state of key that is being created or deleted.
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyIdentifier string
    KeyOrigin KeyOrigin
    The source of the key material. For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .
    KeyState KeyStateEnum
    The state of key that is being created or deleted.
    id String
    The provider-assigned unique ID for this managed resource.
    keyIdentifier String
    keyOrigin KeyOrigin
    The source of the key material. For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .
    keyState KeyState
    The state of key that is being created or deleted.
    id string
    The provider-assigned unique ID for this managed resource.
    keyIdentifier string
    keyOrigin KeyOrigin
    The source of the key material. For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .
    keyState KeyState
    The state of key that is being created or deleted.
    id str
    The provider-assigned unique ID for this managed resource.
    key_identifier str
    key_origin KeyOrigin
    The source of the key material. For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .
    key_state KeyState
    The state of key that is being created or deleted.
    id String
    The provider-assigned unique ID for this managed resource.
    keyIdentifier String
    keyOrigin "EXTERNAL" | "AWS_PAYMENT_CRYPTOGRAPHY"
    The source of the key material. For keys created within AWS Payment Cryptography, the value is AWS_PAYMENT_CRYPTOGRAPHY . For keys imported into AWS Payment Cryptography, the value is EXTERNAL .
    keyState "CREATE_IN_PROGRESS" | "CREATE_COMPLETE" | "DELETE_PENDING" | "DELETE_COMPLETE"
    The state of key that is being created or deleted.

    Supporting Types

    KeyAlgorithm, KeyAlgorithmArgs

    Tdes2key
    TDES_2KEY
    Tdes3key
    TDES_3KEY
    Aes128
    AES_128
    Aes192
    AES_192
    Aes256
    AES_256
    Rsa2048
    RSA_2048
    Rsa3072
    RSA_3072
    Rsa4096
    RSA_4096
    EccNistP256
    ECC_NIST_P256
    EccNistP384
    ECC_NIST_P384
    KeyAlgorithmTdes2key
    TDES_2KEY
    KeyAlgorithmTdes3key
    TDES_3KEY
    KeyAlgorithmAes128
    AES_128
    KeyAlgorithmAes192
    AES_192
    KeyAlgorithmAes256
    AES_256
    KeyAlgorithmRsa2048
    RSA_2048
    KeyAlgorithmRsa3072
    RSA_3072
    KeyAlgorithmRsa4096
    RSA_4096
    KeyAlgorithmEccNistP256
    ECC_NIST_P256
    KeyAlgorithmEccNistP384
    ECC_NIST_P384
    Tdes2key
    TDES_2KEY
    Tdes3key
    TDES_3KEY
    Aes128
    AES_128
    Aes192
    AES_192
    Aes256
    AES_256
    Rsa2048
    RSA_2048
    Rsa3072
    RSA_3072
    Rsa4096
    RSA_4096
    EccNistP256
    ECC_NIST_P256
    EccNistP384
    ECC_NIST_P384
    Tdes2key
    TDES_2KEY
    Tdes3key
    TDES_3KEY
    Aes128
    AES_128
    Aes192
    AES_192
    Aes256
    AES_256
    Rsa2048
    RSA_2048
    Rsa3072
    RSA_3072
    Rsa4096
    RSA_4096
    EccNistP256
    ECC_NIST_P256
    EccNistP384
    ECC_NIST_P384
    TDES2KEY
    TDES_2KEY
    TDES3KEY
    TDES_3KEY
    AES128
    AES_128
    AES192
    AES_192
    AES256
    AES_256
    RSA2048
    RSA_2048
    RSA3072
    RSA_3072
    RSA4096
    RSA_4096
    ECC_NIST_P256
    ECC_NIST_P256
    ECC_NIST_P384
    ECC_NIST_P384
    "TDES_2KEY"
    TDES_2KEY
    "TDES_3KEY"
    TDES_3KEY
    "AES_128"
    AES_128
    "AES_192"
    AES_192
    "AES_256"
    AES_256
    "RSA_2048"
    RSA_2048
    "RSA_3072"
    RSA_3072
    "RSA_4096"
    RSA_4096
    "ECC_NIST_P256"
    ECC_NIST_P256
    "ECC_NIST_P384"
    ECC_NIST_P384

    KeyAttributes, KeyAttributesArgs

    KeyAlgorithm Pulumi.AwsNative.PaymentCryptography.KeyAlgorithm

    The key algorithm to be use during creation of an AWS Payment Cryptography key.

    For symmetric keys, AWS Payment Cryptography supports AES and TDES algorithms. For asymmetric keys, AWS Payment Cryptography supports RSA and ECC_NIST algorithms.

    KeyClass Pulumi.AwsNative.PaymentCryptography.KeyClass
    The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.
    KeyModesOfUse Pulumi.AwsNative.PaymentCryptography.Inputs.KeyModesOfUse
    The list of cryptographic operations that you can perform using the key.
    KeyUsage Pulumi.AwsNative.PaymentCryptography.KeyUsage
    The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.
    KeyAlgorithm KeyAlgorithm

    The key algorithm to be use during creation of an AWS Payment Cryptography key.

    For symmetric keys, AWS Payment Cryptography supports AES and TDES algorithms. For asymmetric keys, AWS Payment Cryptography supports RSA and ECC_NIST algorithms.

    KeyClass KeyClass
    The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.
    KeyModesOfUse KeyModesOfUse
    The list of cryptographic operations that you can perform using the key.
    KeyUsage KeyUsage
    The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.
    keyAlgorithm KeyAlgorithm

    The key algorithm to be use during creation of an AWS Payment Cryptography key.

    For symmetric keys, AWS Payment Cryptography supports AES and TDES algorithms. For asymmetric keys, AWS Payment Cryptography supports RSA and ECC_NIST algorithms.

    keyClass KeyClass
    The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.
    keyModesOfUse KeyModesOfUse
    The list of cryptographic operations that you can perform using the key.
    keyUsage KeyUsage
    The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.
    keyAlgorithm KeyAlgorithm

    The key algorithm to be use during creation of an AWS Payment Cryptography key.

    For symmetric keys, AWS Payment Cryptography supports AES and TDES algorithms. For asymmetric keys, AWS Payment Cryptography supports RSA and ECC_NIST algorithms.

    keyClass KeyClass
    The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.
    keyModesOfUse KeyModesOfUse
    The list of cryptographic operations that you can perform using the key.
    keyUsage KeyUsage
    The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.
    key_algorithm KeyAlgorithm

    The key algorithm to be use during creation of an AWS Payment Cryptography key.

    For symmetric keys, AWS Payment Cryptography supports AES and TDES algorithms. For asymmetric keys, AWS Payment Cryptography supports RSA and ECC_NIST algorithms.

    key_class KeyClass
    The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.
    key_modes_of_use KeyModesOfUse
    The list of cryptographic operations that you can perform using the key.
    key_usage KeyUsage
    The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.
    keyAlgorithm "TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384"

    The key algorithm to be use during creation of an AWS Payment Cryptography key.

    For symmetric keys, AWS Payment Cryptography supports AES and TDES algorithms. For asymmetric keys, AWS Payment Cryptography supports RSA and ECC_NIST algorithms.

    keyClass "SYMMETRIC_KEY" | "ASYMMETRIC_KEY_PAIR" | "PRIVATE_KEY" | "PUBLIC_KEY"
    The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.
    keyModesOfUse Property Map
    The list of cryptographic operations that you can perform using the key.
    keyUsage "TR31_B0_BASE_DERIVATION_KEY" | "TR31_C0_CARD_VERIFICATION_KEY" | "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY" | "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION" | "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS" | "TR31_E1_EMV_MKEY_CONFIDENTIALITY" | "TR31_E2_EMV_MKEY_INTEGRITY" | "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS" | "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION" | "TR31_E6_EMV_MKEY_OTHER" | "TR31_K0_KEY_ENCRYPTION_KEY" | "TR31_K1_KEY_BLOCK_PROTECTION_KEY" | "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT" | "TR31_M3_ISO_9797_3_MAC_KEY" | "TR31_M1_ISO_9797_1_MAC_KEY" | "TR31_M6_ISO_9797_5_CMAC_KEY" | "TR31_M7_HMAC_KEY" | "TR31_P0_PIN_ENCRYPTION_KEY" | "TR31_P1_PIN_GENERATION_KEY" | "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE" | "TR31_V1_IBM3624_PIN_VERIFICATION_KEY" | "TR31_V2_VISA_PIN_VERIFICATION_KEY" | "TR31_K2_TR34_ASYMMETRIC_KEY"
    The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.

    KeyCheckValueAlgorithm, KeyCheckValueAlgorithmArgs

    Cmac
    CMAC
    AnsiX924
    ANSI_X9_24
    KeyCheckValueAlgorithmCmac
    CMAC
    KeyCheckValueAlgorithmAnsiX924
    ANSI_X9_24
    Cmac
    CMAC
    AnsiX924
    ANSI_X9_24
    Cmac
    CMAC
    AnsiX924
    ANSI_X9_24
    CMAC
    CMAC
    ANSI_X924
    ANSI_X9_24
    "CMAC"
    CMAC
    "ANSI_X9_24"
    ANSI_X9_24

    KeyClass, KeyClassArgs

    SymmetricKey
    SYMMETRIC_KEY
    AsymmetricKeyPair
    ASYMMETRIC_KEY_PAIR
    PrivateKey
    PRIVATE_KEY
    PublicKey
    PUBLIC_KEY
    KeyClassSymmetricKey
    SYMMETRIC_KEY
    KeyClassAsymmetricKeyPair
    ASYMMETRIC_KEY_PAIR
    KeyClassPrivateKey
    PRIVATE_KEY
    KeyClassPublicKey
    PUBLIC_KEY
    SymmetricKey
    SYMMETRIC_KEY
    AsymmetricKeyPair
    ASYMMETRIC_KEY_PAIR
    PrivateKey
    PRIVATE_KEY
    PublicKey
    PUBLIC_KEY
    SymmetricKey
    SYMMETRIC_KEY
    AsymmetricKeyPair
    ASYMMETRIC_KEY_PAIR
    PrivateKey
    PRIVATE_KEY
    PublicKey
    PUBLIC_KEY
    SYMMETRIC_KEY
    SYMMETRIC_KEY
    ASYMMETRIC_KEY_PAIR
    ASYMMETRIC_KEY_PAIR
    PRIVATE_KEY
    PRIVATE_KEY
    PUBLIC_KEY
    PUBLIC_KEY
    "SYMMETRIC_KEY"
    SYMMETRIC_KEY
    "ASYMMETRIC_KEY_PAIR"
    ASYMMETRIC_KEY_PAIR
    "PRIVATE_KEY"
    PRIVATE_KEY
    "PUBLIC_KEY"
    PUBLIC_KEY

    KeyModesOfUse, KeyModesOfUseArgs

    Decrypt bool
    Specifies whether an AWS Payment Cryptography key can be used to decrypt data.
    DeriveKey bool
    Specifies whether an AWS Payment Cryptography key can be used to derive new keys.
    Encrypt bool
    Specifies whether an AWS Payment Cryptography key can be used to encrypt data.
    Generate bool
    Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.
    NoRestrictions bool
    Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage .
    Sign bool
    Specifies whether an AWS Payment Cryptography key can be used for signing.
    Unwrap bool
    Verify bool
    Specifies whether an AWS Payment Cryptography key can be used to verify signatures.
    Wrap bool
    Specifies whether an AWS Payment Cryptography key can be used to wrap other keys.
    Decrypt bool
    Specifies whether an AWS Payment Cryptography key can be used to decrypt data.
    DeriveKey bool
    Specifies whether an AWS Payment Cryptography key can be used to derive new keys.
    Encrypt bool
    Specifies whether an AWS Payment Cryptography key can be used to encrypt data.
    Generate bool
    Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.
    NoRestrictions bool
    Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage .
    Sign bool
    Specifies whether an AWS Payment Cryptography key can be used for signing.
    Unwrap bool
    Verify bool
    Specifies whether an AWS Payment Cryptography key can be used to verify signatures.
    Wrap bool
    Specifies whether an AWS Payment Cryptography key can be used to wrap other keys.
    decrypt Boolean
    Specifies whether an AWS Payment Cryptography key can be used to decrypt data.
    deriveKey Boolean
    Specifies whether an AWS Payment Cryptography key can be used to derive new keys.
    encrypt Boolean
    Specifies whether an AWS Payment Cryptography key can be used to encrypt data.
    generate Boolean
    Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.
    noRestrictions Boolean
    Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage .
    sign Boolean
    Specifies whether an AWS Payment Cryptography key can be used for signing.
    unwrap Boolean
    verify Boolean
    Specifies whether an AWS Payment Cryptography key can be used to verify signatures.
    wrap Boolean
    Specifies whether an AWS Payment Cryptography key can be used to wrap other keys.
    decrypt boolean
    Specifies whether an AWS Payment Cryptography key can be used to decrypt data.
    deriveKey boolean
    Specifies whether an AWS Payment Cryptography key can be used to derive new keys.
    encrypt boolean
    Specifies whether an AWS Payment Cryptography key can be used to encrypt data.
    generate boolean
    Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.
    noRestrictions boolean
    Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage .
    sign boolean
    Specifies whether an AWS Payment Cryptography key can be used for signing.
    unwrap boolean
    verify boolean
    Specifies whether an AWS Payment Cryptography key can be used to verify signatures.
    wrap boolean
    Specifies whether an AWS Payment Cryptography key can be used to wrap other keys.
    decrypt bool
    Specifies whether an AWS Payment Cryptography key can be used to decrypt data.
    derive_key bool
    Specifies whether an AWS Payment Cryptography key can be used to derive new keys.
    encrypt bool
    Specifies whether an AWS Payment Cryptography key can be used to encrypt data.
    generate bool
    Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.
    no_restrictions bool
    Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage .
    sign bool
    Specifies whether an AWS Payment Cryptography key can be used for signing.
    unwrap bool
    verify bool
    Specifies whether an AWS Payment Cryptography key can be used to verify signatures.
    wrap bool
    Specifies whether an AWS Payment Cryptography key can be used to wrap other keys.
    decrypt Boolean
    Specifies whether an AWS Payment Cryptography key can be used to decrypt data.
    deriveKey Boolean
    Specifies whether an AWS Payment Cryptography key can be used to derive new keys.
    encrypt Boolean
    Specifies whether an AWS Payment Cryptography key can be used to encrypt data.
    generate Boolean
    Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.
    noRestrictions Boolean
    Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage .
    sign Boolean
    Specifies whether an AWS Payment Cryptography key can be used for signing.
    unwrap Boolean
    verify Boolean
    Specifies whether an AWS Payment Cryptography key can be used to verify signatures.
    wrap Boolean
    Specifies whether an AWS Payment Cryptography key can be used to wrap other keys.

    KeyOrigin, KeyOriginArgs

    External
    EXTERNAL
    AwsPaymentCryptography
    AWS_PAYMENT_CRYPTOGRAPHY
    KeyOriginExternal
    EXTERNAL
    KeyOriginAwsPaymentCryptography
    AWS_PAYMENT_CRYPTOGRAPHY
    External
    EXTERNAL
    AwsPaymentCryptography
    AWS_PAYMENT_CRYPTOGRAPHY
    External
    EXTERNAL
    AwsPaymentCryptography
    AWS_PAYMENT_CRYPTOGRAPHY
    EXTERNAL
    EXTERNAL
    AWS_PAYMENT_CRYPTOGRAPHY
    AWS_PAYMENT_CRYPTOGRAPHY
    "EXTERNAL"
    EXTERNAL
    "AWS_PAYMENT_CRYPTOGRAPHY"
    AWS_PAYMENT_CRYPTOGRAPHY

    KeyState, KeyStateArgs

    CreateInProgress
    CREATE_IN_PROGRESS
    CreateComplete
    CREATE_COMPLETE
    DeletePending
    DELETE_PENDING
    DeleteComplete
    DELETE_COMPLETE
    KeyStateCreateInProgress
    CREATE_IN_PROGRESS
    KeyStateCreateComplete
    CREATE_COMPLETE
    KeyStateDeletePending
    DELETE_PENDING
    KeyStateDeleteComplete
    DELETE_COMPLETE
    CreateInProgress
    CREATE_IN_PROGRESS
    CreateComplete
    CREATE_COMPLETE
    DeletePending
    DELETE_PENDING
    DeleteComplete
    DELETE_COMPLETE
    CreateInProgress
    CREATE_IN_PROGRESS
    CreateComplete
    CREATE_COMPLETE
    DeletePending
    DELETE_PENDING
    DeleteComplete
    DELETE_COMPLETE
    CREATE_IN_PROGRESS
    CREATE_IN_PROGRESS
    CREATE_COMPLETE
    CREATE_COMPLETE
    DELETE_PENDING
    DELETE_PENDING
    DELETE_COMPLETE
    DELETE_COMPLETE
    "CREATE_IN_PROGRESS"
    CREATE_IN_PROGRESS
    "CREATE_COMPLETE"
    CREATE_COMPLETE
    "DELETE_PENDING"
    DELETE_PENDING
    "DELETE_COMPLETE"
    DELETE_COMPLETE

    KeyUsage, KeyUsageArgs

    Tr31b0BaseDerivationKey
    TR31_B0_BASE_DERIVATION_KEY
    Tr31c0CardVerificationKey
    TR31_C0_CARD_VERIFICATION_KEY
    Tr31d0SymmetricDataEncryptionKey
    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    Tr31d1AsymmetricKeyForDataEncryption
    TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    Tr31e0EmvMkeyAppCryptograms
    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS
    Tr31e1EmvMkeyConfidentiality
    TR31_E1_EMV_MKEY_CONFIDENTIALITY
    Tr31e2EmvMkeyIntegrity
    TR31_E2_EMV_MKEY_INTEGRITY
    Tr31e4EmvMkeyDynamicNumbers
    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS
    Tr31e5EmvMkeyCardPersonalization
    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION
    Tr31e6EmvMkeyOther
    TR31_E6_EMV_MKEY_OTHER
    Tr31k0KeyEncryptionKey
    TR31_K0_KEY_ENCRYPTION_KEY
    Tr31k1KeyBlockProtectionKey
    TR31_K1_KEY_BLOCK_PROTECTION_KEY
    Tr31k3AsymmetricKeyForKeyAgreement
    TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    Tr31m3Iso97973MacKey
    TR31_M3_ISO_9797_3_MAC_KEY
    Tr31m1Iso97971MacKey
    TR31_M1_ISO_9797_1_MAC_KEY
    Tr31m6Iso97975CmacKey
    TR31_M6_ISO_9797_5_CMAC_KEY
    Tr31m7HmacKey
    TR31_M7_HMAC_KEY
    Tr31p0PinEncryptionKey
    TR31_P0_PIN_ENCRYPTION_KEY
    Tr31p1PinGenerationKey
    TR31_P1_PIN_GENERATION_KEY
    Tr31s0AsymmetricKeyForDigitalSignature
    TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    Tr31v1Ibm3624PinVerificationKey
    TR31_V1_IBM3624_PIN_VERIFICATION_KEY
    Tr31v2VisaPinVerificationKey
    TR31_V2_VISA_PIN_VERIFICATION_KEY
    Tr31k2Tr34AsymmetricKey
    TR31_K2_TR34_ASYMMETRIC_KEY
    KeyUsageTr31b0BaseDerivationKey
    TR31_B0_BASE_DERIVATION_KEY
    KeyUsageTr31c0CardVerificationKey
    TR31_C0_CARD_VERIFICATION_KEY
    KeyUsageTr31d0SymmetricDataEncryptionKey
    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    KeyUsageTr31d1AsymmetricKeyForDataEncryption
    TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    KeyUsageTr31e0EmvMkeyAppCryptograms
    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS
    KeyUsageTr31e1EmvMkeyConfidentiality
    TR31_E1_EMV_MKEY_CONFIDENTIALITY
    KeyUsageTr31e2EmvMkeyIntegrity
    TR31_E2_EMV_MKEY_INTEGRITY
    KeyUsageTr31e4EmvMkeyDynamicNumbers
    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS
    KeyUsageTr31e5EmvMkeyCardPersonalization
    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION
    KeyUsageTr31e6EmvMkeyOther
    TR31_E6_EMV_MKEY_OTHER
    KeyUsageTr31k0KeyEncryptionKey
    TR31_K0_KEY_ENCRYPTION_KEY
    KeyUsageTr31k1KeyBlockProtectionKey
    TR31_K1_KEY_BLOCK_PROTECTION_KEY
    KeyUsageTr31k3AsymmetricKeyForKeyAgreement
    TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    KeyUsageTr31m3Iso97973MacKey
    TR31_M3_ISO_9797_3_MAC_KEY
    KeyUsageTr31m1Iso97971MacKey
    TR31_M1_ISO_9797_1_MAC_KEY
    KeyUsageTr31m6Iso97975CmacKey
    TR31_M6_ISO_9797_5_CMAC_KEY
    KeyUsageTr31m7HmacKey
    TR31_M7_HMAC_KEY
    KeyUsageTr31p0PinEncryptionKey
    TR31_P0_PIN_ENCRYPTION_KEY
    KeyUsageTr31p1PinGenerationKey
    TR31_P1_PIN_GENERATION_KEY
    KeyUsageTr31s0AsymmetricKeyForDigitalSignature
    TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    KeyUsageTr31v1Ibm3624PinVerificationKey
    TR31_V1_IBM3624_PIN_VERIFICATION_KEY
    KeyUsageTr31v2VisaPinVerificationKey
    TR31_V2_VISA_PIN_VERIFICATION_KEY
    KeyUsageTr31k2Tr34AsymmetricKey
    TR31_K2_TR34_ASYMMETRIC_KEY
    Tr31b0BaseDerivationKey
    TR31_B0_BASE_DERIVATION_KEY
    Tr31c0CardVerificationKey
    TR31_C0_CARD_VERIFICATION_KEY
    Tr31d0SymmetricDataEncryptionKey
    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    Tr31d1AsymmetricKeyForDataEncryption
    TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    Tr31e0EmvMkeyAppCryptograms
    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS
    Tr31e1EmvMkeyConfidentiality
    TR31_E1_EMV_MKEY_CONFIDENTIALITY
    Tr31e2EmvMkeyIntegrity
    TR31_E2_EMV_MKEY_INTEGRITY
    Tr31e4EmvMkeyDynamicNumbers
    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS
    Tr31e5EmvMkeyCardPersonalization
    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION
    Tr31e6EmvMkeyOther
    TR31_E6_EMV_MKEY_OTHER
    Tr31k0KeyEncryptionKey
    TR31_K0_KEY_ENCRYPTION_KEY
    Tr31k1KeyBlockProtectionKey
    TR31_K1_KEY_BLOCK_PROTECTION_KEY
    Tr31k3AsymmetricKeyForKeyAgreement
    TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    Tr31m3Iso97973MacKey
    TR31_M3_ISO_9797_3_MAC_KEY
    Tr31m1Iso97971MacKey
    TR31_M1_ISO_9797_1_MAC_KEY
    Tr31m6Iso97975CmacKey
    TR31_M6_ISO_9797_5_CMAC_KEY
    Tr31m7HmacKey
    TR31_M7_HMAC_KEY
    Tr31p0PinEncryptionKey
    TR31_P0_PIN_ENCRYPTION_KEY
    Tr31p1PinGenerationKey
    TR31_P1_PIN_GENERATION_KEY
    Tr31s0AsymmetricKeyForDigitalSignature
    TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    Tr31v1Ibm3624PinVerificationKey
    TR31_V1_IBM3624_PIN_VERIFICATION_KEY
    Tr31v2VisaPinVerificationKey
    TR31_V2_VISA_PIN_VERIFICATION_KEY
    Tr31k2Tr34AsymmetricKey
    TR31_K2_TR34_ASYMMETRIC_KEY
    Tr31b0BaseDerivationKey
    TR31_B0_BASE_DERIVATION_KEY
    Tr31c0CardVerificationKey
    TR31_C0_CARD_VERIFICATION_KEY
    Tr31d0SymmetricDataEncryptionKey
    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    Tr31d1AsymmetricKeyForDataEncryption
    TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    Tr31e0EmvMkeyAppCryptograms
    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS
    Tr31e1EmvMkeyConfidentiality
    TR31_E1_EMV_MKEY_CONFIDENTIALITY
    Tr31e2EmvMkeyIntegrity
    TR31_E2_EMV_MKEY_INTEGRITY
    Tr31e4EmvMkeyDynamicNumbers
    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS
    Tr31e5EmvMkeyCardPersonalization
    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION
    Tr31e6EmvMkeyOther
    TR31_E6_EMV_MKEY_OTHER
    Tr31k0KeyEncryptionKey
    TR31_K0_KEY_ENCRYPTION_KEY
    Tr31k1KeyBlockProtectionKey
    TR31_K1_KEY_BLOCK_PROTECTION_KEY
    Tr31k3AsymmetricKeyForKeyAgreement
    TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    Tr31m3Iso97973MacKey
    TR31_M3_ISO_9797_3_MAC_KEY
    Tr31m1Iso97971MacKey
    TR31_M1_ISO_9797_1_MAC_KEY
    Tr31m6Iso97975CmacKey
    TR31_M6_ISO_9797_5_CMAC_KEY
    Tr31m7HmacKey
    TR31_M7_HMAC_KEY
    Tr31p0PinEncryptionKey
    TR31_P0_PIN_ENCRYPTION_KEY
    Tr31p1PinGenerationKey
    TR31_P1_PIN_GENERATION_KEY
    Tr31s0AsymmetricKeyForDigitalSignature
    TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    Tr31v1Ibm3624PinVerificationKey
    TR31_V1_IBM3624_PIN_VERIFICATION_KEY
    Tr31v2VisaPinVerificationKey
    TR31_V2_VISA_PIN_VERIFICATION_KEY
    Tr31k2Tr34AsymmetricKey
    TR31_K2_TR34_ASYMMETRIC_KEY
    TR31B0_BASE_DERIVATION_KEY
    TR31_B0_BASE_DERIVATION_KEY
    TR31C0_CARD_VERIFICATION_KEY
    TR31_C0_CARD_VERIFICATION_KEY
    TR31D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    TR31D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    TR31E0_EMV_MKEY_APP_CRYPTOGRAMS
    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS
    TR31E1_EMV_MKEY_CONFIDENTIALITY
    TR31_E1_EMV_MKEY_CONFIDENTIALITY
    TR31E2_EMV_MKEY_INTEGRITY
    TR31_E2_EMV_MKEY_INTEGRITY
    TR31E4_EMV_MKEY_DYNAMIC_NUMBERS
    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS
    TR31E5_EMV_MKEY_CARD_PERSONALIZATION
    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION
    TR31E6_EMV_MKEY_OTHER
    TR31_E6_EMV_MKEY_OTHER
    TR31K0_KEY_ENCRYPTION_KEY
    TR31_K0_KEY_ENCRYPTION_KEY
    TR31K1_KEY_BLOCK_PROTECTION_KEY
    TR31_K1_KEY_BLOCK_PROTECTION_KEY
    TR31K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    TR31M3_ISO97973_MAC_KEY
    TR31_M3_ISO_9797_3_MAC_KEY
    TR31M1_ISO97971_MAC_KEY
    TR31_M1_ISO_9797_1_MAC_KEY
    TR31M6_ISO97975_CMAC_KEY
    TR31_M6_ISO_9797_5_CMAC_KEY
    TR31M7_HMAC_KEY
    TR31_M7_HMAC_KEY
    TR31P0_PIN_ENCRYPTION_KEY
    TR31_P0_PIN_ENCRYPTION_KEY
    TR31P1_PIN_GENERATION_KEY
    TR31_P1_PIN_GENERATION_KEY
    TR31S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    TR31V1_IBM3624_PIN_VERIFICATION_KEY
    TR31_V1_IBM3624_PIN_VERIFICATION_KEY
    TR31V2_VISA_PIN_VERIFICATION_KEY
    TR31_V2_VISA_PIN_VERIFICATION_KEY
    TR31K2_TR34_ASYMMETRIC_KEY
    TR31_K2_TR34_ASYMMETRIC_KEY
    "TR31_B0_BASE_DERIVATION_KEY"
    TR31_B0_BASE_DERIVATION_KEY
    "TR31_C0_CARD_VERIFICATION_KEY"
    TR31_C0_CARD_VERIFICATION_KEY
    "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY"
    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY
    "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION"
    TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION
    "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS"
    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS
    "TR31_E1_EMV_MKEY_CONFIDENTIALITY"
    TR31_E1_EMV_MKEY_CONFIDENTIALITY
    "TR31_E2_EMV_MKEY_INTEGRITY"
    TR31_E2_EMV_MKEY_INTEGRITY
    "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS"
    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS
    "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION"
    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION
    "TR31_E6_EMV_MKEY_OTHER"
    TR31_E6_EMV_MKEY_OTHER
    "TR31_K0_KEY_ENCRYPTION_KEY"
    TR31_K0_KEY_ENCRYPTION_KEY
    "TR31_K1_KEY_BLOCK_PROTECTION_KEY"
    TR31_K1_KEY_BLOCK_PROTECTION_KEY
    "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT"
    TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT
    "TR31_M3_ISO_9797_3_MAC_KEY"
    TR31_M3_ISO_9797_3_MAC_KEY
    "TR31_M1_ISO_9797_1_MAC_KEY"
    TR31_M1_ISO_9797_1_MAC_KEY
    "TR31_M6_ISO_9797_5_CMAC_KEY"
    TR31_M6_ISO_9797_5_CMAC_KEY
    "TR31_M7_HMAC_KEY"
    TR31_M7_HMAC_KEY
    "TR31_P0_PIN_ENCRYPTION_KEY"
    TR31_P0_PIN_ENCRYPTION_KEY
    "TR31_P1_PIN_GENERATION_KEY"
    TR31_P1_PIN_GENERATION_KEY
    "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE"
    TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
    "TR31_V1_IBM3624_PIN_VERIFICATION_KEY"
    TR31_V1_IBM3624_PIN_VERIFICATION_KEY
    "TR31_V2_VISA_PIN_VERIFICATION_KEY"
    TR31_V2_VISA_PIN_VERIFICATION_KEY
    "TR31_K2_TR34_ASYMMETRIC_KEY"
    TR31_K2_TR34_ASYMMETRIC_KEY

    Tag, TagArgs

    Key string
    The key name of the tag
    Value string
    The value of the tag
    Key string
    The key name of the tag
    Value string
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag
    key string
    The key name of the tag
    value string
    The value of the tag
    key str
    The key name of the tag
    value str
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi