github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/kms/getKey.go (about) 1 // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. 2 // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** 3 4 package kms 5 6 import ( 7 "context" 8 "reflect" 9 10 "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal" 11 "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 12 ) 13 14 // Use this data source to get detailed information about 15 // the specified KMS Key with flexible key id input. 16 // This can be useful to reference key alias 17 // without having to hard code the ARN as input. 18 // 19 // ## Example Usage 20 // 21 // <!--Start PulumiCodeChooser --> 22 // ```go 23 // package main 24 // 25 // import ( 26 // 27 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms" 28 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 29 // 30 // ) 31 // 32 // func main() { 33 // pulumi.Run(func(ctx *pulumi.Context) error { 34 // _, err := kms.LookupKey(ctx, &kms.LookupKeyArgs{ 35 // KeyId: "alias/my-key", 36 // }, nil) 37 // if err != nil { 38 // return err 39 // } 40 // _, err = kms.LookupKey(ctx, &kms.LookupKeyArgs{ 41 // KeyId: "1234abcd-12ab-34cd-56ef-1234567890ab", 42 // }, nil) 43 // if err != nil { 44 // return err 45 // } 46 // _, err = kms.LookupKey(ctx, &kms.LookupKeyArgs{ 47 // KeyId: "arn:aws:kms:us-east-1:111122223333:alias/my-key", 48 // }, nil) 49 // if err != nil { 50 // return err 51 // } 52 // _, err = kms.LookupKey(ctx, &kms.LookupKeyArgs{ 53 // KeyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", 54 // }, nil) 55 // if err != nil { 56 // return err 57 // } 58 // return nil 59 // }) 60 // } 61 // 62 // ``` 63 // <!--End PulumiCodeChooser --> 64 func LookupKey(ctx *pulumi.Context, args *LookupKeyArgs, opts ...pulumi.InvokeOption) (*LookupKeyResult, error) { 65 opts = internal.PkgInvokeDefaultOpts(opts) 66 var rv LookupKeyResult 67 err := ctx.Invoke("aws:kms/getKey:getKey", args, &rv, opts...) 68 if err != nil { 69 return nil, err 70 } 71 return &rv, nil 72 } 73 74 // A collection of arguments for invoking getKey. 75 type LookupKeyArgs struct { 76 // List of grant tokens 77 GrantTokens []string `pulumi:"grantTokens"` 78 // Key identifier which can be one of the following format: 79 // * Key ID. E.g: `1234abcd-12ab-34cd-56ef-1234567890ab` 80 // * Key ARN. E.g.: `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` 81 // * Alias name. E.g.: `alias/my-key` 82 // * Alias ARN: E.g.: `arn:aws:kms:us-east-1:111122223333:alias/my-key` 83 KeyId string `pulumi:"keyId"` 84 } 85 86 // A collection of values returned by getKey. 87 type LookupKeyResult struct { 88 // The key ARN of a primary or replica key of a multi-Region key. 89 Arn string `pulumi:"arn"` 90 // The twelve-digit account ID of the AWS account that owns the key 91 AwsAccountId string `pulumi:"awsAccountId"` 92 // The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key. 93 CloudHsmClusterId string `pulumi:"cloudHsmClusterId"` 94 // The date and time when the key was created 95 CreationDate string `pulumi:"creationDate"` 96 // A unique identifier for the custom key store that contains the KMS key. 97 CustomKeyStoreId string `pulumi:"customKeyStoreId"` 98 // Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports 99 CustomerMasterKeySpec string `pulumi:"customerMasterKeySpec"` 100 // The date and time after which AWS KMS deletes the key. This value is present only when `keyState` is `PendingDeletion`, otherwise this value is 0 101 DeletionDate string `pulumi:"deletionDate"` 102 // The description of the key. 103 Description string `pulumi:"description"` 104 // Specifies whether the key is enabled. When `keyState` is `Enabled` this value is true, otherwise it is false 105 Enabled bool `pulumi:"enabled"` 106 // Specifies whether the Key's key material expires. This value is present only when `origin` is `EXTERNAL`, otherwise this value is empty 107 ExpirationModel string `pulumi:"expirationModel"` 108 GrantTokens []string `pulumi:"grantTokens"` 109 // The provider-assigned unique ID for this managed resource. 110 Id string `pulumi:"id"` 111 KeyId string `pulumi:"keyId"` 112 // The key's manager 113 KeyManager string `pulumi:"keyManager"` 114 // Describes the type of key material in the KMS key. 115 KeySpec string `pulumi:"keySpec"` 116 // The state of the key 117 KeyState string `pulumi:"keyState"` 118 // Specifies the intended use of the key 119 KeyUsage string `pulumi:"keyUsage"` 120 // Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. 121 MultiRegion bool `pulumi:"multiRegion"` 122 // Lists the primary and replica keys in same multi-Region key. Present only when the value of `multiRegion` is `true`. 123 MultiRegionConfigurations []GetKeyMultiRegionConfiguration `pulumi:"multiRegionConfigurations"` 124 // When this value is `AWS_KMS`, AWS KMS created the key material. When this value is `EXTERNAL`, the key material was imported from your existing key management infrastructure or the CMK lacks key material 125 Origin string `pulumi:"origin"` 126 // The waiting period before the primary key in a multi-Region key is deleted. 127 PendingDeletionWindowInDays int `pulumi:"pendingDeletionWindowInDays"` 128 // The time at which the imported key material expires. This value is present only when `origin` is `EXTERNAL` and whose `expirationModel` is `KEY_MATERIAL_EXPIRES`, otherwise this value is 0 129 ValidTo string `pulumi:"validTo"` 130 // Information about the external key that is associated with a KMS key in an external key store. 131 XksKeyConfigurations []GetKeyXksKeyConfiguration `pulumi:"xksKeyConfigurations"` 132 } 133 134 func LookupKeyOutput(ctx *pulumi.Context, args LookupKeyOutputArgs, opts ...pulumi.InvokeOption) LookupKeyResultOutput { 135 return pulumi.ToOutputWithContext(context.Background(), args). 136 ApplyT(func(v interface{}) (LookupKeyResult, error) { 137 args := v.(LookupKeyArgs) 138 r, err := LookupKey(ctx, &args, opts...) 139 var s LookupKeyResult 140 if r != nil { 141 s = *r 142 } 143 return s, err 144 }).(LookupKeyResultOutput) 145 } 146 147 // A collection of arguments for invoking getKey. 148 type LookupKeyOutputArgs struct { 149 // List of grant tokens 150 GrantTokens pulumi.StringArrayInput `pulumi:"grantTokens"` 151 // Key identifier which can be one of the following format: 152 // * Key ID. E.g: `1234abcd-12ab-34cd-56ef-1234567890ab` 153 // * Key ARN. E.g.: `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` 154 // * Alias name. E.g.: `alias/my-key` 155 // * Alias ARN: E.g.: `arn:aws:kms:us-east-1:111122223333:alias/my-key` 156 KeyId pulumi.StringInput `pulumi:"keyId"` 157 } 158 159 func (LookupKeyOutputArgs) ElementType() reflect.Type { 160 return reflect.TypeOf((*LookupKeyArgs)(nil)).Elem() 161 } 162 163 // A collection of values returned by getKey. 164 type LookupKeyResultOutput struct{ *pulumi.OutputState } 165 166 func (LookupKeyResultOutput) ElementType() reflect.Type { 167 return reflect.TypeOf((*LookupKeyResult)(nil)).Elem() 168 } 169 170 func (o LookupKeyResultOutput) ToLookupKeyResultOutput() LookupKeyResultOutput { 171 return o 172 } 173 174 func (o LookupKeyResultOutput) ToLookupKeyResultOutputWithContext(ctx context.Context) LookupKeyResultOutput { 175 return o 176 } 177 178 // The key ARN of a primary or replica key of a multi-Region key. 179 func (o LookupKeyResultOutput) Arn() pulumi.StringOutput { 180 return o.ApplyT(func(v LookupKeyResult) string { return v.Arn }).(pulumi.StringOutput) 181 } 182 183 // The twelve-digit account ID of the AWS account that owns the key 184 func (o LookupKeyResultOutput) AwsAccountId() pulumi.StringOutput { 185 return o.ApplyT(func(v LookupKeyResult) string { return v.AwsAccountId }).(pulumi.StringOutput) 186 } 187 188 // The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key. 189 func (o LookupKeyResultOutput) CloudHsmClusterId() pulumi.StringOutput { 190 return o.ApplyT(func(v LookupKeyResult) string { return v.CloudHsmClusterId }).(pulumi.StringOutput) 191 } 192 193 // The date and time when the key was created 194 func (o LookupKeyResultOutput) CreationDate() pulumi.StringOutput { 195 return o.ApplyT(func(v LookupKeyResult) string { return v.CreationDate }).(pulumi.StringOutput) 196 } 197 198 // A unique identifier for the custom key store that contains the KMS key. 199 func (o LookupKeyResultOutput) CustomKeyStoreId() pulumi.StringOutput { 200 return o.ApplyT(func(v LookupKeyResult) string { return v.CustomKeyStoreId }).(pulumi.StringOutput) 201 } 202 203 // Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports 204 func (o LookupKeyResultOutput) CustomerMasterKeySpec() pulumi.StringOutput { 205 return o.ApplyT(func(v LookupKeyResult) string { return v.CustomerMasterKeySpec }).(pulumi.StringOutput) 206 } 207 208 // The date and time after which AWS KMS deletes the key. This value is present only when `keyState` is `PendingDeletion`, otherwise this value is 0 209 func (o LookupKeyResultOutput) DeletionDate() pulumi.StringOutput { 210 return o.ApplyT(func(v LookupKeyResult) string { return v.DeletionDate }).(pulumi.StringOutput) 211 } 212 213 // The description of the key. 214 func (o LookupKeyResultOutput) Description() pulumi.StringOutput { 215 return o.ApplyT(func(v LookupKeyResult) string { return v.Description }).(pulumi.StringOutput) 216 } 217 218 // Specifies whether the key is enabled. When `keyState` is `Enabled` this value is true, otherwise it is false 219 func (o LookupKeyResultOutput) Enabled() pulumi.BoolOutput { 220 return o.ApplyT(func(v LookupKeyResult) bool { return v.Enabled }).(pulumi.BoolOutput) 221 } 222 223 // Specifies whether the Key's key material expires. This value is present only when `origin` is `EXTERNAL`, otherwise this value is empty 224 func (o LookupKeyResultOutput) ExpirationModel() pulumi.StringOutput { 225 return o.ApplyT(func(v LookupKeyResult) string { return v.ExpirationModel }).(pulumi.StringOutput) 226 } 227 228 func (o LookupKeyResultOutput) GrantTokens() pulumi.StringArrayOutput { 229 return o.ApplyT(func(v LookupKeyResult) []string { return v.GrantTokens }).(pulumi.StringArrayOutput) 230 } 231 232 // The provider-assigned unique ID for this managed resource. 233 func (o LookupKeyResultOutput) Id() pulumi.StringOutput { 234 return o.ApplyT(func(v LookupKeyResult) string { return v.Id }).(pulumi.StringOutput) 235 } 236 237 func (o LookupKeyResultOutput) KeyId() pulumi.StringOutput { 238 return o.ApplyT(func(v LookupKeyResult) string { return v.KeyId }).(pulumi.StringOutput) 239 } 240 241 // The key's manager 242 func (o LookupKeyResultOutput) KeyManager() pulumi.StringOutput { 243 return o.ApplyT(func(v LookupKeyResult) string { return v.KeyManager }).(pulumi.StringOutput) 244 } 245 246 // Describes the type of key material in the KMS key. 247 func (o LookupKeyResultOutput) KeySpec() pulumi.StringOutput { 248 return o.ApplyT(func(v LookupKeyResult) string { return v.KeySpec }).(pulumi.StringOutput) 249 } 250 251 // The state of the key 252 func (o LookupKeyResultOutput) KeyState() pulumi.StringOutput { 253 return o.ApplyT(func(v LookupKeyResult) string { return v.KeyState }).(pulumi.StringOutput) 254 } 255 256 // Specifies the intended use of the key 257 func (o LookupKeyResultOutput) KeyUsage() pulumi.StringOutput { 258 return o.ApplyT(func(v LookupKeyResult) string { return v.KeyUsage }).(pulumi.StringOutput) 259 } 260 261 // Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. 262 func (o LookupKeyResultOutput) MultiRegion() pulumi.BoolOutput { 263 return o.ApplyT(func(v LookupKeyResult) bool { return v.MultiRegion }).(pulumi.BoolOutput) 264 } 265 266 // Lists the primary and replica keys in same multi-Region key. Present only when the value of `multiRegion` is `true`. 267 func (o LookupKeyResultOutput) MultiRegionConfigurations() GetKeyMultiRegionConfigurationArrayOutput { 268 return o.ApplyT(func(v LookupKeyResult) []GetKeyMultiRegionConfiguration { return v.MultiRegionConfigurations }).(GetKeyMultiRegionConfigurationArrayOutput) 269 } 270 271 // When this value is `AWS_KMS`, AWS KMS created the key material. When this value is `EXTERNAL`, the key material was imported from your existing key management infrastructure or the CMK lacks key material 272 func (o LookupKeyResultOutput) Origin() pulumi.StringOutput { 273 return o.ApplyT(func(v LookupKeyResult) string { return v.Origin }).(pulumi.StringOutput) 274 } 275 276 // The waiting period before the primary key in a multi-Region key is deleted. 277 func (o LookupKeyResultOutput) PendingDeletionWindowInDays() pulumi.IntOutput { 278 return o.ApplyT(func(v LookupKeyResult) int { return v.PendingDeletionWindowInDays }).(pulumi.IntOutput) 279 } 280 281 // The time at which the imported key material expires. This value is present only when `origin` is `EXTERNAL` and whose `expirationModel` is `KEY_MATERIAL_EXPIRES`, otherwise this value is 0 282 func (o LookupKeyResultOutput) ValidTo() pulumi.StringOutput { 283 return o.ApplyT(func(v LookupKeyResult) string { return v.ValidTo }).(pulumi.StringOutput) 284 } 285 286 // Information about the external key that is associated with a KMS key in an external key store. 287 func (o LookupKeyResultOutput) XksKeyConfigurations() GetKeyXksKeyConfigurationArrayOutput { 288 return o.ApplyT(func(v LookupKeyResult) []GetKeyXksKeyConfiguration { return v.XksKeyConfigurations }).(GetKeyXksKeyConfigurationArrayOutput) 289 } 290 291 func init() { 292 pulumi.RegisterOutputType(LookupKeyResultOutput{}) 293 }