alias
Gets an individual alias resource
Overview
| Name | alias |
| Type | Resource |
| Description | alias |
| Id | awscc.kms.alias |
Fields
| Name | Datatype | Description |
|---|---|---|
target_key_id | string | Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.<br/> A valid key ID is required. If you supply a null or empty string value, this operation returns an error.<br/> For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.<br/> Specify the key ID or the key ARN of the KMS key.<br/> For example:<br/> + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` <br/> + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` <br/> <br/> To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html). |
alias_name | string | Specifies the alias name. This value must begin with ``alias/`` followed by a name, such as ``alias/ExampleAlias``. <br/> If you change the value of the ``AliasName`` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC).<br/> The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with ``alias/aws/``. The ``alias/aws/`` prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
target_key_id,
alias_name
FROM awscc.kms.alias
WHERE data__Identifier = '<AliasName>';
Permissions
To operate on the alias resource, the following permissions are required:
Read
kms:ListAliases
Update
kms:UpdateAlias
Delete
kms:DeleteAlias