Get Key Policy

kms_get_key_policy

R Documentation

Gets a key policy attached to the specified KMS key¶

Description¶

Gets a key policy attached to the specified KMS key.

Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

Required permissions: kms:GetKeyPolicy (key policy)

Related operations: put_key_policy

Eventual consistency: The KMS API follows an eventual consistency model. For more information, see KMS eventual consistency.

Usage¶

kms_get_key_policy(KeyId, PolicyName)

Arguments¶

KeyId

[required] Gets the key policy for the specified KMS key.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: ⁠1234abcd-12ab-34cd-56ef-1234567890ab⁠
Key ARN: ⁠arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab⁠

To get the key ID and key ARN for a KMS key, use list_keys or describe_key.

PolicyName

Specifies the name of the key policy. If no policy name is specified, the default value is default. The only valid name is default. To get the names of key policies, use list_key_policies.

Value¶

A list with the following syntax:

list(
  Policy = "string",
  PolicyName = "string"
)

Request syntax¶

svc$get_key_policy(
  KeyId = "string",
  PolicyName = "string"
)

Examples¶

## Not run: 
# The following example retrieves the key policy for the specified KMS
# key.
svc$get_key_policy(
  KeyId = "1234abcd-12ab-34cd-56ef-1234567890ab",
  PolicyName = "default"
)

## End(Not run)