KeyLookupOptions

class aws_cdk.aws_kms.KeyLookupOptions(*, alias_name, return_dummy_key_on_missing=None)

Bases: object

Properties for looking up an existing Key.

Parameters:
  • alias_name (str) – The alias name of the Key. Must be in the format alias/<AliasName>.

  • return_dummy_key_on_missing (Optional[bool]) – Whether to return a dummy key if the key was not found. If it is set to true and the key was not found, a dummy key with a key id ‘1234abcd-12ab-34cd-56ef-1234567890ab’ will be returned. The value of the dummy key id can also be referenced using the Key.DEFAULT_DUMMY_KEY_ID variable, and you can check if the key is a dummy key by using the Key.isLookupDummy() method. Default: false

ExampleMetadata:

infused

Example:

my_key_lookup = kms.Key.from_lookup(self, "MyKeyLookup",
    alias_name="alias/KeyAlias"
)

role = iam.Role(self, "MyRole",
    assumed_by=iam.ServicePrincipal("lambda.amazonaws.com")
)
my_key_lookup.grant_encrypt_decrypt(role)

Attributes

alias_name

The alias name of the Key.

Must be in the format alias/<AliasName>.

return_dummy_key_on_missing

Whether to return a dummy key if the key was not found.

If it is set to true and the key was not found, a dummy key with a key id ‘1234abcd-12ab-34cd-56ef-1234567890ab’ will be returned. The value of the dummy key id can also be referenced using the Key.DEFAULT_DUMMY_KEY_ID variable, and you can check if the key is a dummy key by using the Key.isLookupDummy() method.

Default:

false