Package software.amazon.awscdk.mixins.preview.services.kms.mixins

Class CfnReplicaKeyPropsMixin

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.mixins.preview.core.Mixin
software.amazon.awscdk.mixins.preview.services.kms.mixins.CfnReplicaKeyPropsMixin
All Implemented Interfaces:
IMixin, software.amazon.jsii.JsiiSerializable
@Generated(value="jsii-pacmak/1.121.0 (build d7af9b9)", date="2025-12-18T18:20:27.672Z") @Stability(Stable) public class CfnReplicaKeyPropsMixin extends Mixin implements IMixin
The AWS::KMS::ReplicaKey resource specifies a multi-Region replica key that is based on a multi-Region primary key.

Multi-Region keys are an AWS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see Multi-Region keys in the AWS Key Management Service Developer Guide .

A multi-Region primary key is a fully functional symmetric encryption KMS key, HMAC KMS key, or asymmetric KMS key that is also the model for replica keys in other AWS Regions . To create a multi-Region primary key, add an AWS::KMS::Key resource to your CloudFormation stack. Set its MultiRegion property to true.

A multi-Region replica key is a fully functional KMS key that has the same key ID and key material as a multi-Region primary key, but is located in a different AWS Region of the same AWS partition. There can be multiple replicas of a primary key, but each must be in a different AWS Region .

When you create a replica key in CloudFormation , the replica key is created in the AWS Region represented by the endpoint you use for the request. If you try to replicate a multi-Region key into a Region in which the key type is not supported, the request will fail.

A primary key and its replicas have the same key ID and key material. They also have the same key spec, key usage, key material origin, and automatic key rotation status. These properties are known as shared properties . If they change, AWS synchronizes the change to all related multi-Region keys. All other properties of a replica key can differ, including its key policy, tags, aliases, and key state. AWS does not synchronize these properties.

Regions

AWS CloudFormation resources are available in all AWS Regions in which AWS and CloudFormation are supported. You can use the AWS::KMS::ReplicaKey resource to create replica keys in all Regions that support multi-Region KMS keys. For details, see Multi-Region keys in AWS in the ** .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.mixins.preview.mixins.*;
 import software.amazon.awscdk.mixins.preview.services.kms.mixins.*;
 Object keyPolicy;
 CfnReplicaKeyPropsMixin cfnReplicaKeyPropsMixin = CfnReplicaKeyPropsMixin.Builder.create(CfnReplicaKeyMixinProps.builder()
         .description("description")
         .enabled(false)
         .keyPolicy(keyPolicy)
         .pendingWindowInDays(123)
         .primaryKeyArn("primaryKeyArn")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build())
 .strategy(PropertyMergeStrategy.OVERRIDE)
 .build();

See Also:

  • Field Details

    • CFN_PROPERTY_KEYS

      @Stability(Stable) protected static final List<String> CFN_PROPERTY_KEYS

  • Constructor Details

    • CfnReplicaKeyPropsMixin

      protected CfnReplicaKeyPropsMixin(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnReplicaKeyPropsMixin

      protected CfnReplicaKeyPropsMixin(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnReplicaKeyPropsMixin

      @Stability(Stable) public CfnReplicaKeyPropsMixin(@NotNull CfnReplicaKeyMixinProps props, @Nullable CfnPropertyMixinOptions options)
      Create a mixin to apply properties to AWS::KMS::ReplicaKey.

      Parameters:
      props - L1 properties to apply. This parameter is required.
      options - Mixin options.

    • CfnReplicaKeyPropsMixin

      @Stability(Stable) public CfnReplicaKeyPropsMixin(@NotNull CfnReplicaKeyMixinProps props)
      Create a mixin to apply properties to AWS::KMS::ReplicaKey.

      Parameters:
      props - L1 properties to apply. This parameter is required.

  • Method Details

    • applyTo

      @Stability(Stable) @NotNull public software.constructs.IConstruct applyTo(@NotNull software.constructs.IConstruct construct)
      Apply the mixin properties to the construct.

      Specified by:
      applyTo in interface IMixin
      Specified by:
      applyTo in class Mixin
      Parameters:
      construct - This parameter is required.

    • supports

      @Stability(Stable) @NotNull public Boolean supports(@NotNull software.constructs.IConstruct construct)
      Check if this mixin supports the given construct.

      Specified by:
      supports in interface IMixin
      Overrides:
      supports in class Mixin
      Parameters:
      construct - This parameter is required.

    • getProps

      @Stability(Stable) @NotNull protected CfnReplicaKeyMixinProps getProps()

    • getStrategy

      @Stability(Stable) @NotNull protected PropertyMergeStrategy getStrategy()