Sélectionner vos préférences de cookies

Nous utilisons des cookies essentiels et des outils similaires qui sont nécessaires au fonctionnement de notre site et à la fourniture de nos services. Nous utilisons des cookies de performance pour collecter des statistiques anonymes afin de comprendre comment les clients utilisent notre site et d’apporter des améliorations. Les cookies essentiels ne peuvent pas être désactivés, mais vous pouvez cliquer sur « Personnaliser » ou « Refuser » pour refuser les cookies de performance.

Si vous êtes d’accord, AWS et les tiers approuvés utiliseront également des cookies pour fournir des fonctionnalités utiles au site, mémoriser vos préférences et afficher du contenu pertinent, y compris des publicités pertinentes. Pour accepter ou refuser tous les cookies non essentiels, cliquez sur « Accepter » ou « Refuser ». Pour effectuer des choix plus détaillés, cliquez sur « Personnaliser ».

Préférences
Contactez-nous
Commentaire
AWS Documentation
Créer un compte AWS

États clés des AWS KMS clés

PDF
RSS
Mode de mise au point
États clés des AWS KMS clés - AWS Key Management Service
États de clé et types de clés KMSTableau d'état de clé

Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra.

Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra.

Un a AWS KMS key toujours un état clé. Les opérations sur la clé KMS et son environnement peuvent modifier cet état de clé, soit de manière transitoire, soit jusqu'à ce qu'une autre opération modifie son état de clé.

Le tableau de cette section montre comment les états clés affectent les appels aux opérations AWS KMS d'API. En raison de son état clé, une opération sur une clé KMS devrait réussir (), échouer (X), ou ne réussir que dans certaines conditions (?). Le résultat est souvent différent pour les clés KMS avec des éléments de clé importés.

Ce tableau inclut uniquement les opérations d'API qui utilisent une clé KMS existante. Les autres opérations, telles que CreateKeyet ListKeys, sont omises.

États de clé et types de clés KMS

Le type de la clé KMS détermine les états de clé qu'elle peut avoir.

  • Toutes les clés KMS peuvent être à l'état Enabled, Disabled et PendingDeletion.

  • La plupart des clés KMS sont créées dans l'état Enabled. Les clés avec des éléments de clé importés sont créées dans l'état PendingImport.

  • L'état PendingImport s'applique uniquement aux clés KMS avec des éléments de clé importés.

  • L'état Unavailable s'applique uniquement à une clé KMS dans un magasin de clés personnalisé. Une clé KMS dans un magasin de AWS CloudHSM clés se produit Unavailable lorsque le magasin de clés personnalisé est intentionnellement déconnecté de son AWS CloudHSM cluster. Une clé KMS dans un magasin de clés externe est Unavailable lorsque le magasin de clés personnalisé est intentionnellement déconnecté de son proxy de magasin de clés externe. Vous pouvez afficher et gérer les clés KMS indisponibles, mais vous ne pouvez pas les utiliser dans les opérations de chiffrement.

    L'état d'une clé KMS dans un magasin de clés personnalisé n'est pas affecté par les modifications apportées à sa clé de sauvegarde. Une clé KMS dans un magasin de AWS CloudHSM clés n'est pas affectée par les modifications apportées à son contenu clé associé dans le AWS CloudHSM cluster. Une clé KMS dans un magasin de clés externe n'est pas affectée par les modifications apportées à sa clé externe dans un gestionnaire de clés externe. Si la clé de sauvegarde est désactivée ou supprimée, l'état de la clé KMS ne change pas, mais les opérations cryptographiques utilisant la clé KMS échouent.

  • Les états de clé Creating, Updating et PendingReplicaDeletion s'appliquent uniquement aux clés multi-région.

    • Une clé de réplica multi-région se trouve dans l'état de clé Creating durant sa création. Ce processus est peut-être toujours en cours une fois l'ReplicateKeyopération terminée. Lorsque le processus de réplication est terminé, la clé de réplica se trouve dans l'état Enabled ou PendingImport.

    • Les clés multi-région se trouvent à l'état transitoire Updating lorsque la région principale est en cours de mise à jour. Ce processus est peut-être toujours en cours une fois l'UpdatePrimaryRegionopération terminée. Une fois le processus de mise à jour terminé, les clés principales et de réplica reprennent l'état de clé Enabled.

    • Lorsque vous planifiez la suppression d'une clé principale multi-région dotée de clés de réplica, la clé principale se trouve à l'état PendingReplicaDeletion jusqu'à ce que toutes ses clés de réplica soient supprimées. Puis, son état passe à PendingDeletion. Pour plus de détails, consultez Deleting multi-Region keys.

Tableau d'état de clé

Le tableau suivant montre comment l'état de clé d'une clé KMS affecte les opérations AWS KMS .

Les descriptions des notes de bas de page numérotées ([n]) sont à la fin de cette rubrique.

Note

Vous devrez peut-être faire défiler horizontalement ou verticalement pour voir toutes les données de ce tableau.

« Hello, World! » Activé Désactivées

Suppression en attente

Suppression du réplica en attente

 Importation en attente Unavailable Création Mise à jour
CancelKeyDeletion No entry symbol with a person icon, indicating restricted access or prohibition.

[4]

No entry symbol with a person icon, indicating restricted access or prohibition.

[4]

Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[4]

No entry symbol with a person icon, indicating restricted access or prohibition.

[4], [13]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[4]

No entry symbol with a person icon, indicating restricted access or prohibition.

[4]

CreateAlias Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
CreateGrant Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
Decrypt Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
DeleteAlias Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
DeleteImportedKeyMaterial Green checkmark icon indicating success or completion.

[9]

 Green checkmark icon indicating success or completion.

[9]

 Green checkmark icon indicating success or completion.

[9]

 Green checkmark icon indicating success or completion.

(Aucun effet)

 N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[15]
DescribeKey Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
DisableKey Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 Green checkmark icon indicating success or completion.

[12]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[15]
DisableKeyRotation Question mark icon in a purple circle, representing help or information.

[7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[1] ou [7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[3] ou [7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[6]

No entry symbol with a person icon, indicating restricted access or prohibition.

[7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Question mark icon in a purple circle, representing help or information.

[7]
EnableKey Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 Green checkmark icon indicating success or completion.

[12]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[15]
EnableKeyRotation Question mark icon in a purple circle, representing help or information.

[7]

No entry symbol with a person icon, indicating restricted access or prohibition.

[1] ou [7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[3] ou [7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[6]

No entry symbol with a person icon, indicating restricted access or prohibition.

[7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Question mark icon in a purple circle, representing help or information.

[7]

Encrypt Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
GenerateDataKey Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

Green checkmark icon indicating success or completion.
GenerateDataKeyPair Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
GenerateDataKeyPairWithoutPlaintext Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
GenerateDataKeyWithoutPlaintext Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
GenerateMac Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 N/A N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
GetKeyPolicy Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
GetKeyRotationStatus Question mark icon in a purple circle, representing help or information.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[6]

No entry symbol with a person icon, indicating restricted access or prohibition.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]
GetParametersForImport Question mark icon in a purple circle, representing help or information.

[9]

 Question mark icon in a purple circle, representing help or information.

[9]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[8] ou [9]

 Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[9]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[15]
GetPublicKey Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 N/A N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
ImportKeyMaterial Question mark icon in a purple circle, representing help or information.

[9]

 Question mark icon in a purple circle, representing help or information.

[9]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[8] ou [9]

 Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[9]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
ListAliases Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
ListGrants Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
ListKeyPolicies Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
ListKeyRotations Question mark icon in a purple circle, representing help or information.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[6]

No entry symbol with a person icon, indicating restricted access or prohibition.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]

 Question mark icon in a purple circle, representing help or information.

[7]
ListResourceTags Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
PutKeyPolicy Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
ReEncrypt Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[11]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
ReplicateKey Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[15]
RetireGrant Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
RevokeGrant Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
RotateKeyOnDemand Question mark icon in a purple circle, representing help or information.

[7]

No entry symbol with a person icon, indicating restricted access or prohibition.

[1] ou [7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[3] ou [7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[6]

No entry symbol with a person icon, indicating restricted access or prohibition.

[7]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Question mark icon in a purple circle, representing help or information.

[7]

ScheduleKeyDeletion Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[15]
Sign (Signer) Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 N/A N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
TagResource Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
UntagResource Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
UpdateAlias Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Question mark icon in a purple circle, representing help or information.

[10]

 Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
UpdateKeyDescription Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[3]

 Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion. Green checkmark icon indicating success or completion.
UpdatePrimaryRegion Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[5]

 N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
Vérification Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 N/A N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.
VerifyMac Green checkmark icon indicating success or completion. No entry symbol with a person icon, indicating restricted access or prohibition.

[1]

 No entry symbol with a person icon, indicating restricted access or prohibition.

[2] ou [3]

 N/A N/A No entry symbol with a person icon, indicating restricted access or prohibition.

[14]

 Green checkmark icon indicating success or completion.

Détails de la table

  • [1] DisabledException: <key ARN> is disabled.

  • [2] DisabledException: <key ARN> is pending deletion (or pending replica deletion).

  • [3] KMSInvalidStateException: <key ARN> is pending deletion (or pending replica deletion).

  • [4] KMSInvalidStateException: <key ARN> is not pending deletion (or pending replica deletion).

  • [5] KMSInvalidStateException: <key ARN> is pending import.

  • [6] UnsupportedOperationException: <key ARN> origin is EXTERNAL which is not valid for this operation.

  • [7] Si la clé KMS possède des éléments de clé importés ou se trouve dans un magasin de clés personnalisé : UnsupportedOperationException.

  • [8] Si la clé KMS comporte des éléments de clé importés : KMSInvalidStateException

  • [9] Si la clé KMS ne peut pas comporter ou ne comporte pas des éléments de clé importés : UnsupportedOperationException.

  • [10] Si la clé KMS source est en attente de suppression, la commande réussit. Si la clé KMS de destination est en attente de suppression, la commande échoue avec l'erreur suivante : KMSInvalidStateException : <key ARN> is pending deletion.

  • [11] KMSInvalidStateException: <key ARN> is unavailable. Vous ne pouvez pas effectuer cette opération sur une clé KMS indisponible.

  • [12] L'opération aboutit, mais l'état de la clé KMS ne change pas jusqu'à ce qu'elle devienne disponible.

  • [13] Même si une clé KMS d'un magasin de clés personnalisé est en attente de suppression, son état de clé demeure PendingDeletion, même si la clé KMS devient indisponible. Cela vous permet d'annuler la suppression de la clé KMS à tout moment au cours de la période d'attente.

  • [14] KMSInvalidStateException: <key ARN> is creating. AWS KMS lance cette exception lors de la réplication d'une clé multirégionale ()ReplicateKey.

  • [15] KMSInvalidStateException: <key ARN> is updating. AWS KMS lance cette exception lors de la mise à jour de la région principale d'une clé multirégionale (UpdatePrimaryRegion).

Sur cette page

Rubrique précédente :

Référence

Avez-vous besoin d’aide ?

ConfidentialitéConditions d'utilisation du sitePréférences de cookies
© 2025, Amazon Web Services, Inc. ou ses affiliés. Tous droits réservés.