CfnAliasPropsMixin

class aws_cdk.mixins_preview.aws_kms.mixins.CfnAliasPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::KMS::Alias resource specifies a display name for a KMS key . You can use an alias to identify a KMS key in the AWS console, in the DescribeKey operation, and in cryptographic operations , such as Decrypt and GenerateDataKey .

Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see ABAC for AWS in the AWS Key Management Service Developer Guide .

Using an alias to refer to a KMS key can help you simplify key management. For example, an alias in your code can be associated with different KMS keys in different AWS Regions . For more information, see Using aliases in the AWS Key Management Service Developer Guide .

When specifying an alias, observe the following rules.

  • Each alias is associated with one KMS key, but multiple aliases can be associated with the same KMS key.

  • The alias and its associated KMS key must be in the same AWS account and Region.

  • The alias name must be unique in the AWS account and Region. However, you can create aliases with the same name in different AWS Regions . For example, you can have an alias/projectKey in multiple Regions, each of which is associated with a KMS key in its Region.

  • Each alias name must begin with alias/ followed by a name, such as alias/exampleKey . The alias name can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). Alias names cannot begin with alias/aws/ . That alias name prefix is reserved for AWS managed keys .

Regions

AWS CloudFormation resources are available in all AWS Regions in which AWS and CloudFormation are supported.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-alias.html

CloudformationResource:

AWS::KMS::Alias

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_kms import mixins as kms_mixins

cfn_alias_props_mixin = kms_mixins.CfnAliasPropsMixin(kms_mixins.CfnAliasMixinProps(
    alias_name="aliasName",
    target_key_id="targetKeyId"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::KMS::Alias.

Parameters:

  • props (Union[CfnAliasMixinProps, Dict[str, Any]]) – L1 properties to apply.

  • strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['aliasName', 'targetKeyId']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental