class Aws::KMS::Types::GetPublicKeyResponse
@!attribute [rw] key_id
The Amazon Resource Name ([key ARN][1]) of the asymmetric KMS key from which the public key was downloaded. [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN @return [String]
@!attribute [rw] public_key
The exported public key. The value is a DER-encoded X.509 public key, also known as `SubjectPublicKeyInfo` (SPKI), as defined in [RFC 5280][1]. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. [1]: https://tools.ietf.org/html/rfc5280 @return [String]
@!attribute [rw] customer_master_key_spec
Instead, use the `KeySpec` field in the `GetPublicKey` response. The `KeySpec` and `CustomerMasterKeySpec` fields have the same value. We recommend that you use the `KeySpec` field in your code. However, to avoid breaking changes, KMS will support both fields. @return [String]
@!attribute [rw] key_spec
The type of the of the public key that was downloaded. @return [String]
@!attribute [rw] key_usage
The permitted use of the public key. Valid values are `ENCRYPT_DECRYPT` or `SIGN_VERIFY`. This information is critical. If a public key with `SIGN_VERIFY` key usage encrypts data outside of KMS, the ciphertext cannot be decrypted. @return [String]
@!attribute [rw] encryption_algorithms
The encryption algorithms that KMS supports for this key. This information is critical. If a public key encrypts data outside of KMS by using an unsupported encryption algorithm, the ciphertext cannot be decrypted. This field appears in the response only when the `KeyUsage` of the public key is `ENCRYPT_DECRYPT`. @return [Array<String>]
@!attribute [rw] signing_algorithms
The signing algorithms that KMS supports for this key. This field appears in the response only when the `KeyUsage` of the public key is `SIGN_VERIFY`. @return [Array<String>]
@see docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetPublicKeyResponse AWS API Documentation
Constants
- SENSITIVE