Key

This class encapsulates and extends the ROS resource type ALIYUN::KMS::Key, which is used to create a customer master key (CMK).

Initializers

import ros_cdk_kms
ros_cdk_kms.Key(
  scope: Construct,
  id: str,
  description: typing.Union[str, IResolvable] = None,
  dkms_instance_id: typing.Union[str, IResolvable] = None,
  enable: typing.Union[bool, IResolvable] = None,
  enable_automatic_rotation: typing.Union[bool, IResolvable] = None,
  key_spec: typing.Union[str, IResolvable] = None,
  key_usage: typing.Union[str, IResolvable] = None,
  pending_window_in_days: typing.Union[typing.Union[int, float], IResolvable] = None,
  policy: typing.Union[IResolvable, typing.Mapping[typing.Any]] = None,
  protection_level: typing.Union[str, IResolvable] = None,
  rotation_interval: typing.Union[str, IResolvable] = None,
  enable_resource_property_constraint: bool = None
)

Name	Type	Description
scope	ros_cdk_core.Construct	No description.
id	str	No description.
description	typing.Union[str, ros_cdk_core.IResolvable]	Property description: The description of the CMK.
dkms_instance_id	typing.Union[str, ros_cdk_core.IResolvable]	Property dkmsInstanceId: The ID of the dedicated KMS instance.
enable	typing.Union[bool, ros_cdk_core.IResolvable]	Property enable: Specifies whether the key is enabled.
enable_automatic_rotation	typing.Union[bool, ros_cdk_core.IResolvable]	Property enableAutomaticRotation: Whether to enable automatic key rotation.
key_spec	typing.Union[str, ros_cdk_core.IResolvable]	Property keySpec: Key type.
key_usage	typing.Union[str, ros_cdk_core.IResolvable]	Property keyUsage: The usage of the CMK.
pending_window_in_days	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property pendingWindowInDays: The waiting period, specified in number of days.
policy	typing.Union[ros_cdk_core.IResolvable, typing.Mapping[typing.Any]]	Property policy: The policy of key.
protection_level	typing.Union[str, ros_cdk_core.IResolvable]	Property protectionLevel: The protection level of the CMK to create.
rotation_interval	typing.Union[str, ros_cdk_core.IResolvable]	Property rotationInterval: The time period for automatic rotation.
enable_resource_property_constraint	bool	No description.

---

scope^Required

• Type: ros_cdk_core.Construct

---

id^Required

• Type: str

---

description^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property description: The description of the CMK.

Length constraints: Minimum length of 0 characters. Maximum length of 8192 characters.

---

dkms_instance_id^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property dkmsInstanceId: The ID of the dedicated KMS instance.

---

enable^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property enable: Specifies whether the key is enabled.

Defaults to true.

---

enable_automatic_rotation^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property enableAutomaticRotation: Whether to enable automatic key rotation.

Valid value: true/false (default)

---

key_spec^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property keySpec: Key type.

Valid value: Aliyun_AES_256/Aliyun_SM4/RSA_2048/EC_P256/EC_P256K/EC_SM2

---

key_usage^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property keyUsage: The usage of the CMK.

Valid values: ENCRYPT/DECRYPT: encrypts or decrypts data. SIGN/VERIFY: generates or verifies a digital signature. If the CMK supports signature verification, the default value is SIGN/VERIFY. If the CMK does not support signature verification, the default value is ENCRYPT/DECRYPT.

---

pending_window_in_days^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property pendingWindowInDays: The waiting period, specified in number of days.

During this period, you can cancel the CMK in PendingDeletion status. After the waiting period expires, you cannot cancel the deletion. The value must be between 7 and 366. Default value is 30.

---

policy^Optional

• Type: typing.Union[ros_cdk_core.IResolvable, typing.Mapping[typing.Any]]

Property policy: The policy of key.

---

protection_level^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property protectionLevel: The protection level of the CMK to create.

Valid value: SOFTWARE and HSM. When this parameter is set to HSM: If the Origin parameter is set to Aliyun_KMS, the CMK is created in Managed HSM. If the Origin parameter is set to EXTERNAL, you can import external keys to Managed HSM.

---

rotation_interval^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property rotationInterval: The time period for automatic rotation.

The format is integer[unit], where integer represents the length of time and unit represents the time unit. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both represent a 7-day cycle. Value: 7~730 days.

---

enable_resource_property_constraint^Optional

• Type: bool

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
synthesize	Allows this construct to emit artifacts into the cloud assembly during synthesis.
add_condition	No description.
add_count	No description.
add_dependency	No description.
add_resource_desc	No description.
apply_removal_policy	No description.
get_att	No description.
set_metadata	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

synthesize

def synthesize(
  session: ISynthesisSession
) -> None

Allows this construct to emit artifacts into the cloud assembly during synthesis.

This method is usually implemented by framework-level constructs such as Stack and Asset as they participate in synthesizing the cloud assembly.

session^Required

• Type: ros_cdk_core.ISynthesisSession

The synthesis session.

---

add_condition

def add_condition(
  condition: RosCondition
) -> None

condition^Required

• Type: ros_cdk_core.RosCondition

---

add_count

def add_count(
  count: typing.Union[typing.Union[int, float], IResolvable]
) -> None

count^Required

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

---

add_dependency

def add_dependency(
  resource: Resource
) -> None

resource^Required

• Type: ros_cdk_core.Resource

---

add_resource_desc

def add_resource_desc(
  desc: str
) -> None

desc^Required

• Type: str

---

apply_removal_policy

def apply_removal_policy(
  policy: RemovalPolicy
) -> None

policy^Required

• Type: ros_cdk_core.RemovalPolicy

---

get_att

def get_att(
  name: str
) -> IResolvable

name^Required

• Type: str

---

set_metadata

def set_metadata(
  key: str,
  value: typing.Any
) -> None

key^Required

• Type: str

---

value^Required

• Type: typing.Any

---

Static Functions

Name	Description
is_construct	Return whether the given object is a Construct.

---

is_construct

import ros_cdk_kms
ros_cdk_kms.Key.is_construct(
  x: typing.Any
)

Return whether the given object is a Construct.

x^Required

• Type: typing.Any

---

Properties

Name	Type	Description
node	ros_cdk_core.ConstructNode	The construct tree node associated with this construct.
ref	str	No description.
stack	ros_cdk_core.Stack	The stack in which this resource is defined.
resource	ros_cdk_core.RosResource	No description.
attr_key_id	ros_cdk_core.IResolvable	Attribute KeyId: The globally unique identifier for the CMK.

---

node^Required

node: ConstructNode

• Type: ros_cdk_core.ConstructNode

The construct tree node associated with this construct.

---

ref^Required

ref: str

• Type: str

---

stack^Required

stack: Stack

• Type: ros_cdk_core.Stack

The stack in which this resource is defined.

---

resource^Optional

resource: RosResource

• Type: ros_cdk_core.RosResource

---

attr_key_id^Required

attr_key_id: IResolvable

• Type: ros_cdk_core.IResolvable

Attribute KeyId: The globally unique identifier for the CMK.

---