Package com.pulumi.aws.kms
Class ReplicaKey
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.aws.kms.ReplicaKey
-
public class ReplicaKey extends com.pulumi.resources.CustomResourceManages a KMS multi-Region replica key. ## Example Usage <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.kms.Key; import com.pulumi.aws.kms.KeyArgs; import com.pulumi.aws.kms.ReplicaKey; import com.pulumi.aws.kms.ReplicaKeyArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var primary = new Key("primary", KeyArgs.builder() .description("Multi-Region primary key") .deletionWindowInDays(30) .multiRegion(true) .build()); var replica = new ReplicaKey("replica", ReplicaKeyArgs.builder() .description("Multi-Region replica key") .deletionWindowInDays(7) .primaryKeyArn(primary.arn()) .build()); } } ``` <!--End PulumiCodeChooser --> ## Import Using `pulumi import`, import KMS multi-Region replica keys using the `id`. For example: ```sh $ pulumi import aws:kms/replicaKey:ReplicaKey example 1234abcd-12ab-34cd-56ef-1234567890ab ```
-
-
Constructor Summary
Constructors Constructor Description ReplicaKey(java.lang.String name)ReplicaKey(java.lang.String name, ReplicaKeyArgs args)ReplicaKey(java.lang.String name, ReplicaKeyArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.lang.String>arn()com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>>bypassPolicyLockoutSafetyCheck()com.pulumi.core.Output<java.util.Optional<java.lang.Integer>>deletionWindowInDays()com.pulumi.core.Output<java.util.Optional<java.lang.String>>description()com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>>enabled()static ReplicaKeyget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, ReplicaKeyState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<java.lang.String>keyId()com.pulumi.core.Output<java.lang.Boolean>keyRotationEnabled()com.pulumi.core.Output<java.lang.String>keySpec()com.pulumi.core.Output<java.lang.String>keyUsage()com.pulumi.core.Output<java.lang.String>policy()com.pulumi.core.Output<java.lang.String>primaryKeyArn()com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,java.lang.String>>>tags()com.pulumi.core.Output<java.util.Map<java.lang.String,java.lang.String>>tagsAll()
-
-
-
Constructor Detail
-
ReplicaKey
public ReplicaKey(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
ReplicaKey
public ReplicaKey(java.lang.String name, ReplicaKeyArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
ReplicaKey
public ReplicaKey(java.lang.String name, ReplicaKeyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
arn
public com.pulumi.core.Output<java.lang.String> arn()
- Returns:
- The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.
-
bypassPolicyLockoutSafetyCheck
public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> bypassPolicyLockoutSafetyCheck()
- Returns:
- A flag to indicate whether to bypass the key policy lockout safety check. Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. For more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_. The default value is `false`.
-
deletionWindowInDays
public com.pulumi.core.Output<java.util.Optional<java.lang.Integer>> deletionWindowInDays()
- Returns:
- The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key. If you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.
-
description
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()
- Returns:
- A description of the KMS key.
-
enabled
public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enabled()
- Returns:
- Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is `true`.
-
keyId
public com.pulumi.core.Output<java.lang.String> keyId()
- Returns:
- The key ID of the replica key. Related multi-Region keys have the same key ID.
-
keyRotationEnabled
public com.pulumi.core.Output<java.lang.Boolean> keyRotationEnabled()
- Returns:
- A Boolean value that specifies whether key rotation is enabled. This is a shared property of multi-Region keys.
-
keySpec
public com.pulumi.core.Output<java.lang.String> keySpec()
- Returns:
- The type of key material in the KMS key. This is a shared property of multi-Region keys.
-
keyUsage
public com.pulumi.core.Output<java.lang.String> keyUsage()
- Returns:
- The [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. This is a shared property of multi-Region keys.
-
policy
public com.pulumi.core.Output<java.lang.String> policy()
- Returns:
- The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.
-
primaryKeyArn
public com.pulumi.core.Output<java.lang.String> primaryKeyArn()
- Returns:
- The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
-
tags
public com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,java.lang.String>>> tags()
- Returns:
- A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
-
tagsAll
public com.pulumi.core.Output<java.util.Map<java.lang.String,java.lang.String>> tagsAll()
- Returns:
- A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
-
get
public static ReplicaKey get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable ReplicaKeyState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-