Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Gets information about custom key stores in the account and Region.
This operation is part of the custom key stores feature in KMS, which combines the convenience and extensive integration of KMS with the isolation and control of a key store that you own and manage.
By default, this operation returns information about all custom key
stores in the account and Region. To get only information about a
particular custom key store, use either the CustomKeyStoreName
or
CustomKeyStoreId
parameter (but not both).
To determine whether the custom key store is connected to its CloudHSM
cluster or external key store proxy, use the ConnectionState
element
in the response. If an attempt to connect the custom key store failed,
the ConnectionState
value is FAILED
and the ConnectionErrorCode
element in the response indicates the cause of the failure. For help
interpreting the ConnectionErrorCode
, see CustomKeyStoresListEntry.
Custom key stores have a DISCONNECTED
connection state if the key
store has never been connected or you used the DisconnectCustomKeyStore
operation to disconnect it. Otherwise, the connection state is
CONNECTED. If your custom key store connection state is CONNECTED
but
you are having trouble using it, verify that the backing store is active
and available. For an CloudHSM key store, verify that the associated
CloudHSM cluster is active and contains the minimum number of HSMs
required for the operation, if any. For an external key store, verify
that the external key store proxy and its associated external key
manager are reachable and enabled.
For help repairing your CloudHSM key store, see the Troubleshooting CloudHSM key stores. For help repairing your external key store, see the Troubleshooting external key stores. Both topics are in the Key Management Service Developer Guide.
Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
Required permissions: kms:DescribeCustomKeyStores (IAM policy)
Related operations:
- ConnectCustomKeyStore
- CreateCustomKeyStore
- DeleteCustomKeyStore
- DisconnectCustomKeyStore
- UpdateCustomKeyStore
This operation returns paginated results.
Synopsis
- data DescribeCustomKeyStores = DescribeCustomKeyStores' {}
- newDescribeCustomKeyStores :: DescribeCustomKeyStores
- describeCustomKeyStores_customKeyStoreId :: Lens' DescribeCustomKeyStores (Maybe Text)
- describeCustomKeyStores_customKeyStoreName :: Lens' DescribeCustomKeyStores (Maybe Text)
- describeCustomKeyStores_limit :: Lens' DescribeCustomKeyStores (Maybe Natural)
- describeCustomKeyStores_marker :: Lens' DescribeCustomKeyStores (Maybe Text)
- data DescribeCustomKeyStoresResponse = DescribeCustomKeyStoresResponse' {}
- newDescribeCustomKeyStoresResponse :: Int -> DescribeCustomKeyStoresResponse
- describeCustomKeyStoresResponse_customKeyStores :: Lens' DescribeCustomKeyStoresResponse (Maybe [CustomKeyStoresListEntry])
- describeCustomKeyStoresResponse_nextMarker :: Lens' DescribeCustomKeyStoresResponse (Maybe Text)
- describeCustomKeyStoresResponse_truncated :: Lens' DescribeCustomKeyStoresResponse (Maybe Bool)
- describeCustomKeyStoresResponse_httpStatus :: Lens' DescribeCustomKeyStoresResponse Int
Creating a Request
data DescribeCustomKeyStores Source #
See: newDescribeCustomKeyStores
smart constructor.
DescribeCustomKeyStores' | |
|
Instances
newDescribeCustomKeyStores :: DescribeCustomKeyStores Source #
Create a value of DescribeCustomKeyStores
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DescribeCustomKeyStores
, describeCustomKeyStores_customKeyStoreId
- Gets only information about the specified custom key store. Enter the
key store ID.
By default, this operation gets information about all custom key stores
in the account and Region. To limit the output to a particular custom
key store, provide either the CustomKeyStoreId
or CustomKeyStoreName
parameter, but not both.
DescribeCustomKeyStores
, describeCustomKeyStores_customKeyStoreName
- Gets only information about the specified custom key store. Enter the
friendly name of the custom key store.
By default, this operation gets information about all custom key stores
in the account and Region. To limit the output to a particular custom
key store, provide either the CustomKeyStoreId
or CustomKeyStoreName
parameter, but not both.
$sel:limit:DescribeCustomKeyStores'
, describeCustomKeyStores_limit
- Use this parameter to specify the maximum number of items to return.
When this value is present, KMS does not return more than the specified
number of items, but it might return fewer.
$sel:marker:DescribeCustomKeyStores'
, describeCustomKeyStores_marker
- Use this parameter in a subsequent request after you receive a response
with truncated results. Set it to the value of NextMarker
from the
truncated response you just received.
Request Lenses
describeCustomKeyStores_customKeyStoreId :: Lens' DescribeCustomKeyStores (Maybe Text) Source #
Gets only information about the specified custom key store. Enter the key store ID.
By default, this operation gets information about all custom key stores
in the account and Region. To limit the output to a particular custom
key store, provide either the CustomKeyStoreId
or CustomKeyStoreName
parameter, but not both.
describeCustomKeyStores_customKeyStoreName :: Lens' DescribeCustomKeyStores (Maybe Text) Source #
Gets only information about the specified custom key store. Enter the friendly name of the custom key store.
By default, this operation gets information about all custom key stores
in the account and Region. To limit the output to a particular custom
key store, provide either the CustomKeyStoreId
or CustomKeyStoreName
parameter, but not both.
describeCustomKeyStores_limit :: Lens' DescribeCustomKeyStores (Maybe Natural) Source #
Use this parameter to specify the maximum number of items to return. When this value is present, KMS does not return more than the specified number of items, but it might return fewer.
describeCustomKeyStores_marker :: Lens' DescribeCustomKeyStores (Maybe Text) Source #
Use this parameter in a subsequent request after you receive a response
with truncated results. Set it to the value of NextMarker
from the
truncated response you just received.
Destructuring the Response
data DescribeCustomKeyStoresResponse Source #
See: newDescribeCustomKeyStoresResponse
smart constructor.
DescribeCustomKeyStoresResponse' | |
|
Instances
newDescribeCustomKeyStoresResponse Source #
Create a value of DescribeCustomKeyStoresResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:customKeyStores:DescribeCustomKeyStoresResponse'
, describeCustomKeyStoresResponse_customKeyStores
- Contains metadata about each custom key store.
DescribeCustomKeyStoresResponse
, describeCustomKeyStoresResponse_nextMarker
- When Truncated
is true, this element is present and contains the value
to use for the Marker
parameter in a subsequent request.
DescribeCustomKeyStoresResponse
, describeCustomKeyStoresResponse_truncated
- A flag that indicates whether there are more items in the list. When
this value is true, the list in this response is truncated. To get more
items, pass the value of the NextMarker
element in thisresponse to the
Marker
parameter in a subsequent request.
$sel:httpStatus:DescribeCustomKeyStoresResponse'
, describeCustomKeyStoresResponse_httpStatus
- The response's http status code.
Response Lenses
describeCustomKeyStoresResponse_customKeyStores :: Lens' DescribeCustomKeyStoresResponse (Maybe [CustomKeyStoresListEntry]) Source #
Contains metadata about each custom key store.
describeCustomKeyStoresResponse_nextMarker :: Lens' DescribeCustomKeyStoresResponse (Maybe Text) Source #
When Truncated
is true, this element is present and contains the value
to use for the Marker
parameter in a subsequent request.
describeCustomKeyStoresResponse_truncated :: Lens' DescribeCustomKeyStoresResponse (Maybe Bool) Source #
A flag that indicates whether there are more items in the list. When
this value is true, the list in this response is truncated. To get more
items, pass the value of the NextMarker
element in thisresponse to the
Marker
parameter in a subsequent request.
describeCustomKeyStoresResponse_httpStatus :: Lens' DescribeCustomKeyStoresResponse Int Source #
The response's http status code.