ListKeyPolicies
Gets the names of the key policies that are attached to a KMS key.
Description
The ListKeyPolicies operation gets the names of the key policies that are attached to a KMS key. This operation is designed to get policy names that you can use in a GetKeyPolicy operation.
note
- The only valid policy name is
default. - This operation does not return the policy document. To get the policy document, use the
GetKeyPolicyoperation.
Request Syntax
POST / HTTP/1.1
Content-Type: application/x-amz-json-1.1
X-Amz-Target: TrentService.ListKeyPolicies
{
"KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
"Limit": 20,
"Marker": "eyJlbmNyeXB0ZWREYXRhIjpbMTIsMzQsNTYsNzgsOTBdfQ=="
}
Values in italics indicate user input and should be replaced with actual values.
Request Parameters
Headers
| Name | Description | Required | Type |
|---|---|---|---|
| Content-Type | Must be "application/x-amz-json-1.1" | Yes | string |
| X-Amz-Target | Must be "TrentService.ListKeyPolicies" | Yes | string |
Request Body
| Name | Description | Required | Type |
|---|---|---|---|
| KeyId | The identifier of the KMS key. The value can be the ID or ARN of a KMS key. | Yes | string |
| Limit | Use this parameter to specify the maximum number of items to return. When this value is present, QKMS does not return more than the specified number of items, but it might return fewer. | No | integer |
| Marker | Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of NextMarker from the truncated response you just received. | No | string |
Examples
Example 1: List key policies for a KMS key
POST / HTTP/1.1
Content-Type: application/x-amz-json-1.1
X-Amz-Target: TrentService.ListKeyPolicies
{
"KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
}
Values in italics indicate user input and should be replaced with actual values.
HTTP/1.1 200 OK
Content-Type: application/x-amz-json-1.1
{
"PolicyNames": [
"default"
],
"Truncated": false
}
Values in italics indicate variable response values.
Response Syntax
HTTP/1.1 200 OK
Content-Type: application/x-amz-json-1.1
{
"PolicyNames": [
"string"
],
"NextMarker": "string",
"Truncated": "boolean"
}
Values in italics indicate variable response values.
Response Elements
| Name | Description | Required | Type |
|---|---|---|---|
| PolicyNames | A list of key policy names. Currently, there is only one key policy per KMS key and it is always named 'default'. | No | String |
| NextMarker | When Truncated is true, this value is present and contains the value to use for the Marker parameter in a subsequent request. | No | String |
| Truncated | A flag that indicates whether there are more items in the list. When this value is true, the list in this response is truncated. To get more items, pass the value of the NextMarker element in subsequent requests. | No | String |
Special Errors
| Error Code | Description |
|---|---|
| DependencyTimeoutException | The system timed out while trying to fulfill the request. |
| InvalidArnException | The request was rejected because a specified ARN was not valid. |
| InvalidMarkerException | The request was rejected because the marker that specifies where pagination should next begin is not valid. |
| KMSInternalException | An internal error occurred. |
| KMSInvalidStateException | The request was rejected because the key state is not valid for this operation. |
| NotFoundException | The request was rejected because the specified entity or resource could not be found. |
Permissions
To use the ListKeyPolicies operation, you must have the following permissions:
kms:ListKeyPolicieson the KMS key (specified in the policy)
Try It Out
Test ListKeyPolicies
List key policies for a KMS key.
Coming Soon
This feature is currently under development and will be available soon.