1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. kms
  5. getReplicaKey

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

aws-native.kms.getReplicaKey

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

The AWS::KMS::ReplicaKey resource specifies a multi-region replica AWS KMS key in AWS Key Management Service (AWS KMS).

Using getReplicaKey

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getReplicaKey(args: GetReplicaKeyArgs, opts?: InvokeOptions): Promise<GetReplicaKeyResult>
function getReplicaKeyOutput(args: GetReplicaKeyOutputArgs, opts?: InvokeOptions): Output<GetReplicaKeyResult>
Copy
def get_replica_key(key_id: Optional[str] = None,
                    opts: Optional[InvokeOptions] = None) -> GetReplicaKeyResult
def get_replica_key_output(key_id: Optional[pulumi.Input[str]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetReplicaKeyResult]
Copy
func LookupReplicaKey(ctx *Context, args *LookupReplicaKeyArgs, opts ...InvokeOption) (*LookupReplicaKeyResult, error)
func LookupReplicaKeyOutput(ctx *Context, args *LookupReplicaKeyOutputArgs, opts ...InvokeOption) LookupReplicaKeyResultOutput
Copy

> Note: This function is named LookupReplicaKey in the Go SDK.

public static class GetReplicaKey 
{
    public static Task<GetReplicaKeyResult> InvokeAsync(GetReplicaKeyArgs args, InvokeOptions? opts = null)
    public static Output<GetReplicaKeyResult> Invoke(GetReplicaKeyInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetReplicaKeyResult> getReplicaKey(GetReplicaKeyArgs args, InvokeOptions options)
public static Output<GetReplicaKeyResult> getReplicaKey(GetReplicaKeyArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: aws-native:kms:getReplicaKey
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

KeyId This property is required. string

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

KeyId This property is required. string

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

keyId This property is required. String

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

keyId This property is required. string

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

key_id This property is required. str

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

keyId This property is required. String

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

getReplicaKey Result

The following output properties are available:

Arn string

The Amazon Resource Name (ARN) of the replica key, such as arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab .

The key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

Description string
A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use.
Enabled bool
Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations.
KeyId string

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

KeyPolicy object

The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.

Search the CloudFormation User Guide for AWS::KMS::ReplicaKey for more information about the expected schema for this property.

Tags List<Pulumi.AwsNative.Outputs.Tag>
An array of key-value pairs to apply to this resource.
Arn string

The Amazon Resource Name (ARN) of the replica key, such as arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab .

The key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

Description string
A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use.
Enabled bool
Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations.
KeyId string

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

KeyPolicy interface{}

The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.

Search the CloudFormation User Guide for AWS::KMS::ReplicaKey for more information about the expected schema for this property.

Tags Tag
An array of key-value pairs to apply to this resource.
arn String

The Amazon Resource Name (ARN) of the replica key, such as arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab .

The key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

description String
A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use.
enabled Boolean
Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations.
keyId String

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

keyPolicy Object

The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.

Search the CloudFormation User Guide for AWS::KMS::ReplicaKey for more information about the expected schema for this property.

tags List<Tag>
An array of key-value pairs to apply to this resource.
arn string

The Amazon Resource Name (ARN) of the replica key, such as arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab .

The key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

description string
A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use.
enabled boolean
Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations.
keyId string

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

keyPolicy any

The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.

Search the CloudFormation User Guide for AWS::KMS::ReplicaKey for more information about the expected schema for this property.

tags Tag[]
An array of key-value pairs to apply to this resource.
arn str

The Amazon Resource Name (ARN) of the replica key, such as arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab .

The key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

description str
A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use.
enabled bool
Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations.
key_id str

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

key_policy Any

The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.

Search the CloudFormation User Guide for AWS::KMS::ReplicaKey for more information about the expected schema for this property.

tags Sequence[root_Tag]
An array of key-value pairs to apply to this resource.
arn String

The Amazon Resource Name (ARN) of the replica key, such as arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab .

The key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

description String
A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use.
enabled Boolean
Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations.
keyId String

The key ID of the replica key, such as mrk-1234abcd12ab34cd56ef1234567890ab .

Related multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see How multi-Region keys work in the AWS Key Management Service Developer Guide .

keyPolicy Any

The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.

Search the CloudFormation User Guide for AWS::KMS::ReplicaKey for more information about the expected schema for this property.

tags List<Property Map>
An array of key-value pairs to apply to this resource.

Supporting Types

Tag

Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag
key This property is required. string
The key name of the tag
value This property is required. string
The value of the tag
key This property is required. str
The key name of the tag
value This property is required. str
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi