Package com.pulumi.aws.kms

Class ReplicaKeyArgs

  • public final class ReplicaKeyArgs
extends com.pulumi.resources.ResourceArgs

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  ReplicaKeyArgs.Builder  

      • Nested classes/interfaces inherited from class com.pulumi.resources.InputArgs

        com.pulumi.resources.InputArgs.InputArgsInternal

    • Method Detail

      • bypassPolicyLockoutSafetyCheck

        public java.util.Optional<com.pulumi.core.Output<java.lang.Boolean>> bypassPolicyLockoutSafetyCheck()
        Returns:
        A flag to indicate whether to bypass the key policy lockout safety check. Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. For more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_. The default value is `false`.

      • deletionWindowInDays

        public java.util.Optional<com.pulumi.core.Output<java.lang.Integer>> deletionWindowInDays()
        Returns:
        The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key. If you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.

      • description

        public java.util.Optional<com.pulumi.core.Output<java.lang.String>> description()
        Returns:
        A description of the KMS key.

      • enabled

        public java.util.Optional<com.pulumi.core.Output<java.lang.Boolean>> enabled()
        Returns:
        Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is `true`.

      • policy

        public java.util.Optional<com.pulumi.core.Output<java.lang.String>> policy()
        Returns:
        The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.

      • primaryKeyArn

        public com.pulumi.core.Output<java.lang.String> primaryKeyArn()
        Returns:
        The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.

      • tags

        public java.util.Optional<com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>>> tags()
        Returns:
        A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.