JSPM

@aws-cdk/aws-kms

0.8.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 303054
  • Score
    100M100P100Q22545F
  • License Apache-2.0

CDK Constructs for AWS KMS

Package Exports

  • @aws-cdk/aws-kms

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@aws-cdk/aws-kms) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

AWS KMS Construct Library

Defines a KMS key:

new EncryptionKey(this, 'MyKey', {
    enableKeyRotation: true
});

Add a couple of aliases:

const key = new EncryptionKey(this, 'MyKey');
key.addAlias('alias/foo');
key.addAlias('alias/bar');

Importing and exporting keys

To use a KMS key that is not defined within this stack, use the EncryptionKey.import(parent, name, ref) factory method:

const key = EncryptionKey.import(this, 'MyImportedKey', {
    keyArn: new KeyArn('arn:aws:...')
});

// you can do stuff with this imported key.
key.addAlias('alias/foo');

To export a key from a stack and import it in another stack, use key.export which returns an EncryptionKeyRef, which can later be used to import:

// in stackA
const myKey = new EncryptionKey(stackA, 'MyKey');
const myKeyRef = myKey.export();

// meanwhile in stackB
const myKeyImported = EncryptionKey.import(stackB, 'MyKeyImported', myKeyRef);

Note that a call to .addToPolicy(statement) on myKeyImported will not have an affect on the key's policy because it is not owned by your stack. The call will be a no-op.