/
getAlias.go
102 lines (87 loc) · 6.3 KB
/
getAlias.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
// Code generated by pulumi-language-go DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package kms
import (
"context"
"reflect"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/internal"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// The “AWS::KMS::Alias“ resource specifies a display name for a [KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys). You can use an alias to identify a KMS key in the KMS console, in the [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) operation, and in [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations), such as [Decrypt](https://docs.aws.amazon.com/kms/latest/APIReference/API_Decrypt.html) and [GenerateDataKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html).
//
// Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see [ABAC for](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *Developer Guide*.
// Using an alias to refer to a KMS key can help you simplify key management. For example, an alias in your code can be associated with different KMS keys i
func LookupAlias(ctx *pulumi.Context, args *LookupAliasArgs, opts ...pulumi.InvokeOption) (*LookupAliasResult, error) {
opts = internal.PkgInvokeDefaultOpts(opts)
var rv LookupAliasResult
err := ctx.Invoke("aws-native:kms:getAlias", args, &rv, opts...)
if err != nil {
return nil, err
}
return &rv, nil
}
type LookupAliasArgs struct {
// Specifies the alias name. This value must begin with ``alias/`` followed by a name, such as ``alias/ExampleAlias``.
// If you change the value of the ``AliasName`` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC).
// The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with ``alias/aws/``. The ``alias/aws/`` prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).
AliasName string `pulumi:"aliasName"`
}
type LookupAliasResult struct {
// Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.
// A valid key ID is required. If you supply a null or empty string value, this operation returns an error.
// For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.
// Specify the key ID or the key ARN of the KMS key.
// For example:
// + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab``
// + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``
//
// To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html).
TargetKeyId *string `pulumi:"targetKeyId"`
}
func LookupAliasOutput(ctx *pulumi.Context, args LookupAliasOutputArgs, opts ...pulumi.InvokeOption) LookupAliasResultOutput {
return pulumi.ToOutputWithContext(context.Background(), args).
ApplyT(func(v interface{}) (LookupAliasResult, error) {
args := v.(LookupAliasArgs)
r, err := LookupAlias(ctx, &args, opts...)
var s LookupAliasResult
if r != nil {
s = *r
}
return s, err
}).(LookupAliasResultOutput)
}
type LookupAliasOutputArgs struct {
// Specifies the alias name. This value must begin with ``alias/`` followed by a name, such as ``alias/ExampleAlias``.
// If you change the value of the ``AliasName`` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC).
// The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with ``alias/aws/``. The ``alias/aws/`` prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).
AliasName pulumi.StringInput `pulumi:"aliasName"`
}
func (LookupAliasOutputArgs) ElementType() reflect.Type {
return reflect.TypeOf((*LookupAliasArgs)(nil)).Elem()
}
type LookupAliasResultOutput struct{ *pulumi.OutputState }
func (LookupAliasResultOutput) ElementType() reflect.Type {
return reflect.TypeOf((*LookupAliasResult)(nil)).Elem()
}
func (o LookupAliasResultOutput) ToLookupAliasResultOutput() LookupAliasResultOutput {
return o
}
func (o LookupAliasResultOutput) ToLookupAliasResultOutputWithContext(ctx context.Context) LookupAliasResultOutput {
return o
}
// Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.
//
// A valid key ID is required. If you supply a null or empty string value, this operation returns an error.
// For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.
// Specify the key ID or the key ARN of the KMS key.
// For example:
// + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab``
// + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``
//
// To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html).
func (o LookupAliasResultOutput) TargetKeyId() pulumi.StringPtrOutput {
return o.ApplyT(func(v LookupAliasResult) *string { return v.TargetKeyId }).(pulumi.StringPtrOutput)
}
func init() {
pulumi.RegisterOutputType(LookupAliasResultOutput{})
}