Response Parameters of Key Life Cycle Management APIs
This section lists the Key Life Cycle Management APIs response parameters with their description.
This list is by no means exhaustive.
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | ID of the resource. |
| createdAt | array of strings | Time and date when the key was created. |
| updatedAt | array of strings | Time and date when the key was updated. |
| kms_id | string | ID of the AWS KMS. |
| kms | string | Name of the KMS. |
| synced_at | string | Time and date when the AWS KMS keys were synchronized. |
| local_key_id | string | ID of the key imported to the AWS KMS. |
| local_key_name | string | Name of the key to be imported to the AWS KMS. |
| cloud_name | string | Cloud name. Supported types are: • AWS • AWS China • AWS GovCloud |
| key_type | string | Type of the CMK. |
| region | string | Name of the region in which the CMK will be created. |
| aws_param | JSON | Key parameters such as alias, description, and usage. Refer to AWS Parameters for details. |
| DeletionDate | string | Date on which the key will be deleted from the AWS KMS. |
| disable_encrypt_on_auto_rotate | boolean | Flag to disable encryption on the old key. |
| job_config_id | string | ID of the scheduler configuration job |
| rotated_at | string | Date and time when the key was rotated. |
| rotated_from | text | ID of the key from which the key was rotated. |
| rotated_to | text | ID of the rotated key. |
| rotation_status | string | Status of the rotation. |
| external_accounts | array of strings | AWS accounts that can use the key. |
| key_admins | array of strings | IAM users who can administer this key using the KMS API. |
| key_users | array of strings | IAM users who can use the key in cryptographic operations. |
| gone | boolean | Specifies whether the key exists in the cloud. |
AWS Parameters
| Parameter | Type | Description |
|---|---|---|
| AWSAccountId | string | Account ID of the AWS account that owns the CMK. |
| Arn | string | Amazon Resource Name (ARN) of the CMK. |
| CustomerMasterKeySpec | string | Describes the type of key material in the CMK. |
| Description | string | Description of the CMK. |
| Enabled | boolean | Specifies whether the CMK is enabled. |
| EncryptionAlgorithms | array of strings | Encryption algorithms supported by the CMK. |
| KeyID | string | Unique identifier for the CMK. |
| KeyManager | string | Manager of the CMK. The CMK can be managed by: • AWS • Customer • Cloud HSM |
| KeyState | string | Current status of the key. |
| KeyUsage | string | Cryptographic operations for which the CMK will be ued. Possible values are: • ENCRYPT_DECRYPT • SIGN_VERIFY |
| Origin | string | Source of the key material for the CMK. |
| CreationDate | string | The time and date when the CMK was created. |
| Policy | JSON | Key policy to attach to the CMK. |
| Alias | array of strings | Friendly name for the CMK. |
| Tags | array of JSONs | Optional parameter to add additional information to the CMK. Each tag consists of a tag key and a tag value. |
| ValidTo | string | The time at which the key material will expire. |
| KeyRotationEnabled | boolean | Flag to enable key rotation. |
| ExpirationModel | string | Determines whether the CMK's key material expires. |
