Marketplace
You are viewing an outdated version of provider-aws.Go to Latest
crossplane-contrib/provider-aws@v0.33.0
Key
kms.aws.crossplane.io
Key
crossplane-contrib/provider-aws@v0.33.0kms.aws.crossplane.io

Key is the Schema for the Keys API

Type

CRD

Group

kms.aws.crossplane.io

Version

v1alpha1

apiVersion: kms.aws.crossplane.io/v1alpha1

kind: Key

API Documentation
apiVersion
string
kind
string
metadata
object
spec
object
object

KeySpec defines the desired state of Key

deletionPolicy
string
forProvider
requiredobject
requiredobject

KeyParameters defines the desired state of Key

bypassPolicyLockoutSafetyCheck
boolean
customKeyStoreID
string
customerMasterKeySpec
string
description
string
enableKeyRotation
boolean
enabled
boolean
keySpec
string
keyUsage
string
multiRegion
boolean
origin
string
pendingWindowInDays
integer
policy
string
region
requiredstring
tags
array
array

Assigns one or more tags to the KMS key. Use this parameter to tag the KMS key when it is created. To tag an existing KMS key, use the TagResource operation. Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the Key Management Service Developer Guide. To use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html) permission in an IAM policy. Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, KMS replaces the current tag value with the specified one. When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see Tagging Keys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html).

tagKey
string
tagValue
string
providerConfigRef
object
object

ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.

name
requiredstring
policy
object
object

Policies for referencing.

resolution
string
resolve
string
providerRef
object
object

ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef

name
requiredstring
policy
object
object

Policies for referencing.

resolution
string
resolve
string
publishConnectionDetailsTo
object
object

PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.

configRef
object
object

SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret.

name
requiredstring
policy
object
object

Policies for referencing.

resolution
string
resolve
string
metadata
object
object

Metadata is the metadata for connection secret.

annotations
object
labels
object
type
string
name
requiredstring
writeConnectionSecretToRef
object
object

WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.

name
requiredstring
namespace
requiredstring
status
object
object

KeyStatus defines the observed state of Key.

atProvider
object
object

KeyObservation defines the observed state of Key

arn
string
awsAccountID
string
cloudHsmClusterID
string
creationDate
string
deletionDate
string
enabled
boolean
encryptionAlgorithms
array
array

The encryption algorithms that the KMS key supports. You cannot use the KMS key with other encryption algorithms within KMS. This value is present only when the KeyUsage of the KMS key is ENCRYPT_DECRYPT.

expirationModel
string
keyID
string
keyManager
string
keyState
string
multiRegionConfiguration
object
object

Lists the primary and replica keys in same multi-Region key. This field is present only when the value of the MultiRegion field is True. For more information about any listed KMS key, use the DescribeKey operation.

  • MultiRegionKeyType indicates whether the KMS key is a PRIMARY or REPLICA key.
  • PrimaryKey displays the key ARN and Region of the primary key. This field displays the current KMS key if it is the primary key.
  • ReplicaKeys displays the key ARNs and Regions of all replica keys. This field includes the current KMS key if it is a replica key.
multiRegionKeyType
string
primaryKey
object
object

Describes the primary or replica key in a multi-Region key.

arn
string
region
string
replicaKeys
array
array

No description provided.

arn
string
region
string
pendingDeletionWindowInDays
integer
signingAlgorithms
array
array

The signing algorithms that the KMS key supports. You cannot use the KMS key with other signing algorithms within KMS. This field appears only when the KeyUsage of the KMS key is SIGN_VERIFY.

validTo
string
conditions
array
array

Conditions of the resource.

lastTransitionTime
requiredstring
message
string
reason
requiredstring
status
requiredstring
type
requiredstring
Discover the building blocks for your internal cloud platform.
© 2024 Upbound, Inc.
Solutions
Learn
Company
More