XksProxyConfigurationType
Detailed information about the external key store proxy (XKS proxy). Your external key
store proxy translates AWS KMS requests into a format that your external key manager can
understand. These fields appear in a DescribeCustomKeyStores response only
when the CustomKeyStoreType is EXTERNAL_KEY_STORE.
Contents
Note
In the following list, the required parameters are described first.
- AccessKeyId
-
The part of the external key store proxy authentication credential that uniquely identifies the secret access key.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 30.
Pattern:
^[A-Z2-7]+$Required: No
- Connectivity
-
Indicates whether the external key store proxy uses a public endpoint or an Amazon VPC endpoint service to communicate with AWS KMS.
Type: String
Valid Values:
PUBLIC_ENDPOINT | VPC_ENDPOINT_SERVICERequired: No
- UriEndpoint
-
The URI endpoint for the external key store proxy.
If the external key store proxy has a public endpoint, it is displayed here.
If the external key store proxy uses an Amazon VPC endpoint service name, this field displays the private DNS name associated with the VPC endpoint service.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 128.
Pattern:
^https://[a-zA-Z0-9.-]+$Required: No
- UriPath
-
The path to the external key store proxy APIs.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 128.
Pattern:
^(/[a-zA-Z0-9\/_-]+/kms/xks/v\d{1,2})$|^(/kms/xks/v\d{1,2})$Required: No
- VpcEndpointServiceName
-
The Amazon VPC endpoint service used to communicate with the external key store proxy. This field appears only when the external key store proxy uses an Amazon VPC endpoint service to communicate with AWS KMS.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 64.
Pattern:
^com\.amazonaws\.vpce\.([a-z]+-){2,3}\d+\.vpce-svc-[0-9a-z]+$Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
