/AWS1/CL_AANKMSKEYCONF¶

Proposed access control configuration for a KMS key. You can propose a configuration for a new KMS key or an existing KMS key that you own by specifying the key policy and KMS grant configuration. If the configuration is for an existing key and you do not specify the key policy, the access preview uses the existing policy for the key. If the access preview is for a new resource and you do not specify the key policy, then the access preview uses the default key policy. The proposed key policy cannot be an empty string. For more information, see Default key policy. For more information about key policy limits, see Resource quotas.

`CONSTRUCTOR`¶

IMPORTING¶

Optional arguments:¶

`it_keypolicies` `TYPE /AWS1/CL_AANKMSKEYPOLMAP_W=>TT_KMSKEYPOLICIESMAP` `TT_KMSKEYPOLICIESMAP`¶

Resource policy configuration for the KMS key. The only valid value for the name of the key policy is default. For more information, see Default key policy.

`it_grants` `TYPE /AWS1/CL_AANKMSGRANTCONF=>TT_KMSGRANTCONFIGURATIONSLIST` `TT_KMSGRANTCONFIGURATIONSLIST`¶

A list of proposed grant configurations for the KMS key. If the proposed grant configuration is for an existing key, the access preview uses the proposed list of grant configurations in place of the existing grants. Otherwise, the access preview uses the existing grants for the key.

Queryable Attributes¶

keyPolicies¶

Resource policy configuration for the KMS key. The only valid value for the name of the key policy is default. For more information, see Default key policy.

Accessible with the following methods¶

Method	Description
`GET_KEYPOLICIES()`	Getter for KEYPOLICIES, with configurable default
`ASK_KEYPOLICIES()`	Getter for KEYPOLICIES w/ exceptions if field has no value
`HAS_KEYPOLICIES()`	Determine if KEYPOLICIES has a value

grants¶

A list of proposed grant configurations for the KMS key. If the proposed grant configuration is for an existing key, the access preview uses the proposed list of grant configurations in place of the existing grants. Otherwise, the access preview uses the existing grants for the key.

Accessible with the following methods¶

Method	Description
`GET_GRANTS()`	Getter for GRANTS, with configurable default
`ASK_GRANTS()`	Getter for GRANTS w/ exceptions if field has no value
`HAS_GRANTS()`	Determine if GRANTS has a value

/AWS1/CL_AANKMSKEYCONF¶

CONSTRUCTOR¶

IMPORTING¶

Optional arguments:¶

it_keypolicies TYPE /AWS1/CL_AANKMSKEYPOLMAP_W=>TT_KMSKEYPOLICIESMAP TT_KMSKEYPOLICIESMAP¶

it_grants TYPE /AWS1/CL_AANKMSGRANTCONF=>TT_KMSGRANTCONFIGURATIONSLIST TT_KMSGRANTCONFIGURATIONSLIST¶

Queryable Attributes¶

keyPolicies¶

Accessible with the following methods¶

grants¶

Accessible with the following methods¶

`CONSTRUCTOR`¶

`it_keypolicies` `TYPE /AWS1/CL_AANKMSKEYPOLMAP_W=>TT_KMSKEYPOLICIESMAP` `TT_KMSKEYPOLICIESMAP`¶

`it_grants` `TYPE /AWS1/CL_AANKMSGRANTCONF=>TT_KMSGRANTCONFIGURATIONSLIST` `TT_KMSGRANTCONFIGURATIONSLIST`¶