This is the response object from the PutKeyPolicy operation.
Namespace: Amazon.KeyManagementService.Model
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z
public class PutKeyPolicyResponse : AmazonWebServiceResponse
The PutKeyPolicyResponse type exposes the following members
| Name | Description |
|---|---|
| PutKeyPolicyResponse() | |

| Name | Type | Description |
|---|---|---|
| ContentLength | System.Int64 | Inherited from Amazon.Runtime.AmazonWebServiceResponse. |
| HttpStatusCode | System.Net.HttpStatusCode | Inherited from Amazon.Runtime.AmazonWebServiceResponse. |
| ResponseMetadata | Amazon.Runtime.ResponseMetadata | Inherited from Amazon.Runtime.AmazonWebServiceResponse. |
The following example attaches a key policy to the specified KMS key.
```csharp
using Amazon.KeyManagementService;
using Amazon.KeyManagementService.Model;

var client = new AmazonKeyManagementServiceClient();
// The synchronous call shown here exists on .NET Framework targets;
// on .NET Core and .NET 5+ targets the SDK exposes PutKeyPolicyAsync instead.
var response = client.PutKeyPolicy(new PutKeyPolicyRequest
{
    // The identifier of the KMS key to attach the key policy to.
    // You can use the key ID or the Amazon Resource Name (ARN) of the KMS key.
    KeyId = "1234abcd-12ab-34cd-56ef-1234567890ab",
    // The key policy document. A verbatim string (@"...") is used so the JSON
    // can span several lines; quotes inside it are written as "".
    Policy = @"{
    ""Version"": ""2012-10-17"",
    ""Id"": ""custom-policy-2016-12-07"",
    ""Statement"": [
        {
            ""Sid"": ""Enable IAM User Permissions"",
            ""Effect"": ""Allow"",
            ""Principal"": {
                ""AWS"": ""arn:aws:iam::111122223333:root""
            },
            ""Action"": ""kms:*"",
            ""Resource"": ""*""
        },
        {
            ""Sid"": ""Allow access for Key Administrators"",
            ""Effect"": ""Allow"",
            ""Principal"": {
                ""AWS"": [
                    ""arn:aws:iam::111122223333:user/ExampleAdminUser"",
                    ""arn:aws:iam::111122223333:role/ExampleAdminRole""
                ]
            },
            ""Action"": [
                ""kms:Create*"",
                ""kms:Describe*"",
                ""kms:Enable*"",
                ""kms:List*"",
                ""kms:Put*"",
                ""kms:Update*"",
                ""kms:Revoke*"",
                ""kms:Disable*"",
                ""kms:Get*"",
                ""kms:Delete*"",
                ""kms:ScheduleKeyDeletion"",
                ""kms:CancelKeyDeletion""
            ],
            ""Resource"": ""*""
        },
        {
            ""Sid"": ""Allow use of the key"",
            ""Effect"": ""Allow"",
            ""Principal"": {
                ""AWS"": ""arn:aws:iam::111122223333:role/ExamplePowerUserRole""
            },
            ""Action"": [
                ""kms:Encrypt"",
                ""kms:Decrypt"",
                ""kms:ReEncrypt*"",
                ""kms:GenerateDataKey*"",
                ""kms:DescribeKey""
            ],
            ""Resource"": ""*""
        },
        {
            ""Sid"": ""Allow attachment of persistent resources"",
            ""Effect"": ""Allow"",
            ""Principal"": {
                ""AWS"": ""arn:aws:iam::111122223333:role/ExamplePowerUserRole""
            },
            ""Action"": [
                ""kms:CreateGrant"",
                ""kms:ListGrants"",
                ""kms:RevokeGrant""
            ],
            ""Resource"": ""*"",
            ""Condition"": {
                ""Bool"": {
                    ""kms:GrantIsForAWSResource"": ""true""
                }
            }
        }
    ]
}",
    PolicyName = "default" // The name of the key policy.
});
```
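A pre-flight check that could be run on the policy string before it is passed to PutKeyPolicy, given as an added example that is not part of the AWS SDK or of the original page. The names `KeyPolicyLint`, `Check`, `Strs` and `Grants` are hypothetical, the two checks are heuristics that look only at `Allow` statements without a `Condition`, and `Deny`, `NotPrincipal` and `NotAction` are not modelled.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using System.Text.RegularExpressions;

public static class KeyPolicyLint // added example, not AWS SDK code
{
    // A policy value may be one string or an array of strings.
    static List<string> Strs(JsonElement e) =>
        e.ValueKind == JsonValueKind.String ? new List<string> { e.GetString() } :
        e.ValueKind == JsonValueKind.Array ? e.EnumerateArray().Select(x => x.GetString()).ToList() :
        new List<string>();
    // '*' in a policy action pattern matches any run of characters.
    static bool Grants(string pattern, string action) => Regex.IsMatch(action,
        "^" + Regex.Escape(pattern).Replace("\\*", ".*") + "$", RegexOptions.IgnoreCase);

    public static List<string> Check(string policyJson, string accountId)
    {
        var findings = new List<string>();
        bool canRepair = false; // may a principal in accountId still call kms:PutKeyPolicy?
        using (var doc = JsonDocument.Parse(policyJson)) // JsonException on malformed JSON
        {
            if (!doc.RootElement.TryGetProperty("Statement", out var st))
                return new List<string> { "policy has no Statement element" };
            foreach (var s in st.ValueKind == JsonValueKind.Array ? st.EnumerateArray().ToList() : new List<JsonElement> { st })
            {
                if (!s.TryGetProperty("Effect", out var eff) || eff.GetString() != "Allow") continue;
                var principals = !s.TryGetProperty("Principal", out var p) ? new List<string>()
                    : p.ValueKind == JsonValueKind.Object && p.TryGetProperty("AWS", out var aws) ? Strs(aws) : Strs(p);
                var actions = s.TryGetProperty("Action", out var a) ? Strs(a) : new List<string>();
                if (s.TryGetProperty("Condition", out _)) continue; // conditioned grants are not judged here
                if (principals.Contains("*")) findings.Add((s.TryGetProperty("Sid", out var sid) ? sid.GetString() : "(no Sid)")
                    + ": allows any AWS principal with no Condition");
                if (actions.Any(x => Grants(x, "kms:PutKeyPolicy"))
                    && principals.Any(x => x == accountId || x.Contains("::" + accountId + ":")))
                    canRepair = true;
            }
        }
        if (!canRepair) findings.Add("no unconditioned Allow lets a principal in the account call kms:PutKeyPolicy");
        return findings;
    }
    public static void Main()
    {
        // Constructed sample policy: a single key-use statement open to any principal.
        var weak = @"{""Statement"":[{""Sid"":""Open"",""Effect"":""Allow"",""Principal"":""*"",""Action"":""kms:Decrypt"",""Resource"":""*""}]}";
        foreach (var f in Check(weak, "111122223333")) Console.WriteLine(f);
    }
}
```

Because PutKeyPolicyResponse carries only the inherited status and metadata members, checks like these have to happen before the request is sent rather than against the response.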
.NET:
Supported in: 8.0 and newer, Core 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.7.2 and newer