UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi.io

pulumi/pulumi-aws

132 lines (131 loc) 4.92 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
import * as pulumi from "@pulumi/pulumi"; /** * Use this data source to get the public key about the specified KMS Key with flexible key id input. This can be useful to reference key alias without having to hard code the ARN as input. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const byAlias = aws.kms.getPublicKey({ * keyId: "alias/my-key", * }); * const byId = aws.kms.getPublicKey({ * keyId: "1234abcd-12ab-34cd-56ef-1234567890ab", * }); * const byAliasArn = aws.kms.getPublicKey({ * keyId: "arn:aws:kms:us-east-1:111122223333:alias/my-key", * }); * const byKeyArn = aws.kms.getPublicKey({ * keyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", * }); * ``` */ export declare function getPublicKey(args: GetPublicKeyArgs, opts?: pulumi.InvokeOptions): Promise<GetPublicKeyResult>; /** * A collection of arguments for invoking getPublicKey. */ export interface GetPublicKeyArgs { /** * List of grant tokens */ grantTokens?: string[]; /** * Key identifier which can be one of the following format: * * Key ID. E.g - `1234abcd-12ab-34cd-56ef-1234567890ab` * * Key ARN. E.g. - `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` * * Alias name. E.g. - `alias/my-key` * * Alias ARN - E.g. - `arn:aws:kms:us-east-1:111122223333:alias/my-key` */ keyId: string; /** * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. */ region?: string; } /** * A collection of values returned by getPublicKey. */ export interface GetPublicKeyResult { /** * Key ARN of the asymmetric CMK from which the public key was downloaded. */ readonly arn: string; /** * Type of the public key that was downloaded. */ readonly customerMasterKeySpec: string; /** * Encryption algorithms that AWS KMS supports for this key. Only set when the `keyUsage` of the public key is `ENCRYPT_DECRYPT`. */ readonly encryptionAlgorithms: string[]; readonly grantTokens?: string[]; /** * The provider-assigned unique ID for this managed resource. */ readonly id: string; readonly keyId: string; /** * Permitted use of the public key. Valid values are `ENCRYPT_DECRYPT` or `SIGN_VERIFY` */ readonly keyUsage: string; /** * Exported public key. The value is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI), as defined in [RFC 5280](https://tools.ietf.org/html/rfc5280). The value is Base64-encoded. */ readonly publicKey: string; /** * Exported public key. The value is Privacy Enhanced Mail (PEM) encoded. */ readonly publicKeyPem: string; readonly region: string; /** * Signing algorithms that AWS KMS supports for this key. Only set when the `keyUsage` of the public key is `SIGN_VERIFY`. */ readonly signingAlgorithms: string[]; } /** * Use this data source to get the public key about the specified KMS Key with flexible key id input. This can be useful to reference key alias without having to hard code the ARN as input. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const byAlias = aws.kms.getPublicKey({ * keyId: "alias/my-key", * }); * const byId = aws.kms.getPublicKey({ * keyId: "1234abcd-12ab-34cd-56ef-1234567890ab", * }); * const byAliasArn = aws.kms.getPublicKey({ * keyId: "arn:aws:kms:us-east-1:111122223333:alias/my-key", * }); * const byKeyArn = aws.kms.getPublicKey({ * keyId: "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", * }); * ``` */ export declare function getPublicKeyOutput(args: GetPublicKeyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetPublicKeyResult>; /** * A collection of arguments for invoking getPublicKey. */ export interface GetPublicKeyOutputArgs { /** * List of grant tokens */ grantTokens?: pulumi.Input<pulumi.Input<string>[]>; /** * Key identifier which can be one of the following format: * * Key ID. E.g - `1234abcd-12ab-34cd-56ef-1234567890ab` * * Key ARN. E.g. - `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` * * Alias name. E.g. - `alias/my-key` * * Alias ARN - E.g. - `arn:aws:kms:us-east-1:111122223333:alias/my-key` */ keyId: pulumi.Input<string>; /** * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. */ region?: pulumi.Input<string>; }